In recent days, Cisco said that it has no plan to fix a critical remote code execution (RCE) vulnerability affecting some of its small business routers, instead urging users to replace the devices.
The flaw, tracked as CVE-2021-1459, carries a CVSS score of 9.8 out of 10 and affects the RV110W VPN firewall and the Small Business RV130, RV130W, and RV215W routers. It allows an unauthenticated remote attacker to execute arbitrary code on an affected appliance.
In detail, the flaw stems from improper validation of user-supplied input in the web-based management interface and can be exploited by sending a crafted HTTP request to the interface, resulting in remote code execution.
“A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system of the affected device,” Cisco said in its advisory.
The vulnerability was discovered by Treck Zhou, who has been credited with reporting it. Although the company noted there has been no evidence of active exploitation attempts in the wild, it does not intend to release a patch or make any workarounds available, citing that the products have reached end-of-life.
“The Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers have entered the end-of-life process,” the firm said. “Customers are encouraged to migrate to the Cisco Small Business RV132W, RV160, or RV160W Routers.”
For more details about the latest round of fixes by Cisco, see this link.
Pedro Tavares is a professional in the field of information security working as an Ethical Hacker/Pentester, Malware Researcher and Security Evangelist. He is also a founding member of CSIRT.UBI and Editor-in-Chief of the computer security blog seguranca-informatica.pt.
In recent years he has invested in the field of information security, exploring and analyzing a wide range of topics, such as pentesting (Kali Linux), malware, exploitation, hacking, IoT and security in Active Directory networks. He is also a freelance writer (Infosec Resources Institute and Cyber Defense Magazine) and the developer of 0xSI_f33d, a feed that compiles phishing and malware campaigns targeting Portuguese citizens.