Cisco is urging customers that are using some of its Small Business routers to replace their devices because they will no longer receive security updates.
According a security advisory published by the company, Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers are affected by Remote Command Execution vulnerability that resides in the Management Interface.
The vulnerability is caused by the improper validation of user-supplied input in the web-based management interface.
The flaw, tracked as CVE-2021-1459, has been rated with a CVSS score of 9.8 out of 10.
“A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.” reads the advisory published by the tech giant. “The vulnerability is due to improper validation of user-supplied input in the web-based management interface.”
An attacker could exploit the vulnerability by sending crafted HTTP requests to a targeted device. The issue could allow attackers to execute arbitrary code as the root user on the underlying operating system of the affected device.
The company has not released security updates to address this flaw, the company pointed out that there are no workarounds that fix this vulnerability.
The flaw affects the following Cisco Small Business RV Series Routers:
“Cisco has not released and will not release software updates to address the vulnerability described in this advisory. The Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers have entered the end-of-life process. Customers are advised to refer to the end-of-life notices for these products:
End-of-Sale and End-of-Life Announcement for the Cisco Small Business RV Series Routers (selected models)” continues the report.”Customers are encouraged to migrate to the Cisco Small Business RV132W, RV160, or RV160W Routers.”
The vulnerability was discovered by the security researcher Treck Zhou.
The Cisco Product Security Incident Response Team (PSIRT) confirmed that it is not aware of any public announcements or malicious use of the above vulnerability.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
(SecurityAffairs – hacking, Cisco)