Cisco reports dangerous remote attack opportunities on small business routers

Cisco reports dangerous remote attack opportunities on small business routers

Cisco’s Small Business Router of the Models RV110W, RV130, RV130W and RV215W According to a current security advisory, they can be attacked remotely and without authentication if they are configured in a certain way. A critical security gap in the universal plug-and-play service allows the execution of any program code with root rights (remote code execution) or the arbitrary restart of the device to cause a denial of service by means of specially prepared UPnP requests.

Cisco is not planning any security updates to address CVE-2021-34730 because the devices have reached end-of-life status. Owners of vulnerable devices can, however, protect them against attacks by deactivating UPnP on the LAN and WAN interfaces. The service is activated by default on the former. The current status can be checked and changed in the web-based management interface via the “Disable” box under “Basic Settings> UPnP”.

Cisco has released a second security advisory marked “Critical”. He deals with a recently discovered vulnerability in Blackberry’s real-time operating system QNX, which attackers could use to attack embedded systems and, in the worst case, execute malicious code (CVE-2021-22156).

According to its own information, Cisco is currently reviewing its product portfolio in search of devices that could be attacked via said security vulnerability; Cisco’s Security Advisory for BlackBerry QNX has not yet provided specific information on vulnerable products. The notes are often supplemented with further information at a later point in time. Pentest7 Security has dedicated its own message to CVE-2021-22156:

Cisco’s overview of all current advisories also lists some recently eliminated medium gaps in various products.


Leave a Reply

Your email address will not be published.