Cisco Routers Have Critical Vulnerabilities that Need to Be Addressed

The router is a fundamental piece for our connections. When there is a problem that affects the security of this device it could put all the equipment connected to it at risk. In this article we echo a series of critical errors that affect Cisco routers . These flaws could allow intruders and execute attacks by remotely gaining root access.

Critical vulnerabilities in Cisco routers

Recently, a number of critical vulnerabilities have been detected in Cisco Small Business routers. Specifically, these are problems that allow remote code execution prior to authentication.

Cisco Routers Have Critical Vulnerabilities

This problem would allow hackers to execute arbitrary code as root on successfully exploited devices. Cisco stated that there are three major security bugs that were discovered in the RV320 and RV325 firmware. These faults were logged as CSCvq34465, CSCvq34469 and CSCvq34472.

These vulnerabilities are present as HTTP requests are not properly validated. Cybercriminals could easily exploit these flaws by passing a crafted HTTP request to the web-based management interface of an attacked device.

When this exploit is performed, hackers could run arbitrary code on that device and compromise it remotely.

Cisco has indicated that all affected small business routers are vulnerable to attacks and are trying to exploit these vulnerabilities if they run a firmware version prior to version 1.0.01.02 . It affects these routers:

  • RV160 VPN Router
  • RV160W Wireless VPN Router
  • RV260 VPN Router
  • RV260P VPN Router with POE
  • RV260W Wireless VPN Router

However, from Cisco they have also shown a list of routers that have not been affected by this problem. They are as follows:

  • RV340 Dual WAN Gigabit VPN Router
  • RV340W Dual WAN Wireless-AC Gigabit VPN Router
  • RV345 Dual WAN Gigabit VPN Router
  • RV345P Dual WAN Gigabit POE VPN Router

Vulnerabilidad crítica de Cisco

Updates available

An important point is that the company has indicated that there is no evidence that these vulnerabilities have been exploited. Patches are already available, so users of these routers should update the firmware to the latest version as soon as possible to avoid problems that could compromise security.

Updating the router firmware is a very important process that we must always carry out. On the one hand, we are going to obtain performance improvements that can help make the speed, quality and stability of the connection the best possible. But also, and this is the most important thing, we can avoid possible vulnerabilities that can be exploited by cybercriminals.

Therefore, all those users who have a Cisco router vulnerable to this problem that we have mentioned should update the software to the latest version. This can also be applied to any other user who wants to keep their router safe and with the latest versions to improve performance.

On many occasions we have seen security flaws that affect network devices. Therefore, from this article we recommend always having the latest versions installed.