Network Security, Content

Cisco Security Warning: Critical Wireless Router Flaw

Cisco has issued a security alert warning businesses of a critical vulnerability in some of its web-based VPN and firewall routers that could allow remote attackers to commandeer a compromised device as a high privileged user.

The affected products include:

  • RV110W Wireless-N VPN Firewall.
  • RV130W Wireless-N Multifunction VPN Router.
  • RV215W Wireless-N VPN Router.

Customers are vulnerable to a remote attack if they enabled the remote-management feature on the affected devices. The feature is disabled for these devices by default. To determine whether the remote management feature is enabled for a device, administrators can open the web-based management interface and choose Basic Settings > Remote Management. If the Enable box is checked, remote management is enabled for the device.

Cisco Router Vulnerabilities and Software Fixes

There are no workarounds to address the vulnerability. Cisco has released software fixes and is urging businesses to install updates immediately. Users can install and expect support for those products only if they’ve purchased the associated license.

“The vulnerability is due to improper validation of user-supplied data in the web-based management interface,” Cisco’s advisory reads. “An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user.”

The networking giant has tagged the flaw as CVE-2019-1663. Under the Common Vulnerability Scoring System, the bug has been given a severity score of 9.8 out of a possible 10.

Cisco has known about the bug for about four months. Last October, security researchers at the GeekPwn Shanghai conference announced they had discovered the flaw but didn’t provide any technical details or identify the affected products.

Cisco didn’t say in its advisory if the bug had been exploited.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.