[German]Cisco has published a security warning for its small business routers that they are affected by a root vulnerability and should be updated to a new firmware version quickly.
Advertising
In the security warning Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution Vulnerabilities dated February 3, 2021, the manufacturer writes that there are several security vulnerabilities CVE-2021-1289, CVE-2021-1290, CVE-2021-1291 in its VPN routers. It says:
In Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution Vulnerabilities
Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV160, RV160W, RV260, RV260P and RV260W VPN routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device.These vulnerabilities exist because HTTP requests are not properly validated. An attacker could exploit these vulnerabilities by sending a manipulated HTTP request to the web-based management interface of an affected device. A successful attack could allow the attacker to remotely execute arbitrary code on the device.
These vulnerabilities affect the following Cisco Small Business Routers when running firmware versions prior to Release 1.0.01.02:
- RV160 VPN Router
- RV160W Wireless-AC VPN Router
- RV260 VPN Router
- RV260P VPN Router mit POE
- RV260W Wireless-AC VPN Router
Cisco has released software updates that fix these vulnerabilities. There are no workarounds that address these vulnerabilities. The following models are not affected by this vulnerability:
- RV340 Dual WAN Gigabit VPN Router
- RV340W Dual WAN Gigabit Wireless-AC VPN Router
- RV345 Dual WAN Gigabit VPN Router
- RV345P Dual WAN Gigabit POE VPN Router
More information can be found in the Cisco security alert. There are no known attacks so far, as Bleeping Computer writes here.
