Three of the Cisco wireless VPN firewalls and routers from the version of the small business RV series have been found to contain a critically unpatched flaw that cyber attackers can exploit and get control of it in the end.
The flaw is actually located in the web-based management interface of the Cisco RV110E Wireless-N VPN Firewall, RV130W Wireless-N Multifunction VPN Router, and the RV215W Wireless-N VPN Router.
If any of the exploited devices are configured to the remote management, then they can easily be affected and exploited. This is because attackers only need to send unauthenticated HTTP requests to the devices and they should also contain custom user data. After this, a remote code execution will be set as a route, after which the highest privileged account on the system and therefore it will lead to a complete compromise.
In a security advisory to its clients last week, the company warned about the vulnerabilities, but it has not released any patches as yet. So far, the plan is that the company will release firmware updates which will help to address the flaw in all the affected models in the third quarter of the year. Unfortunately, these are not the only unpatched vulnerabilities which have been lingering on these three Cisco devices. The company has also previously warned of medium severity, cross-site scripting (XSS) flaw and also two medium risk buffer overflows which could end up in denial of service conditions.
The buffer overflows exploitation, however, requires cyber attackers actually to have an authenticated session in the web interface of the device; the tricking users can simply start the XSS flaw into clicking some various crafted URLs. In its advisory, Cisco said that a successful exploit could be simply done by executing arbitrary script all in the context of the web-based management interface which would allow attackers to access various sensitive browser-based information.
At the moment, the XSS flaw makes it entirely impossible for the users to find a mitigation strategy if there are no patches given. This is because it can be given in combination with other vulnerabilities. An example is that of how when users disable the external management in the routers so that they can protect themselves from the vulnerability, the devices are still going to be exposed through the cross-site scripting flaw.
If this has you worried and in the market for a new router, check out our picks for the best VPN and DD-WRT enabled routers.