Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

No Patch for Critical RCE Flaw in Cisco Routers

Cisco is working on developing patches for several vulnerabilities affecting its RV series routers, including a critical flaw that can be exploited by a remote attacker for arbitrary code execution.

Cisco is working on developing patches for several vulnerabilities affecting its RV series routers, including a critical flaw that can be exploited by a remote attacker for arbitrary code execution.

The security holes, reported to Cisco by researcher Samuel Huntley, affect the RV110W Wireless-N VPN firewall, the RV130W Wireless-N Multifunction VPN router, and the RV215W Wireless-N VPN router.

The critical vulnerability, identified as CVE-2016-1395, is caused by insufficient sanitization of HTTP user input in the device’s web interface. It allows a remote, unauthenticated attacker to execute arbitrary code with root privileges on the targeted system.

“An attacker could exploit this vulnerability by sending a crafted HTTP request with custom user data,” Cisco said in its advisory. “An exploit could allow the attacker to execute arbitrary code with root-level privileges on the affected system, which could be leveraged to conduct further attacks.”

Another issue found in the web-based management interface of Cisco’s RV series routers is a cross-site scripting (XSS) vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code or access sensitive browser information. An attacker needs to convince the victim to access a specially crafted link in order to exploit the vulnerability (CVE-2016-1396).

Huntley also discovered a couple of denial-of-service (DoS) vulnerabilities in the web interface of Cisco RV110W, RV130W and RV215W routers. The flaws, tracked as CVE-2016-1398 and CVE-2016-1397, are buffer overflows that allow an authenticated attacker to cause the devices to reload and enter a DoS condition by sending them specially crafted HTTP requests. The XSS and DoS flaws have been rated “medium severity.”

None of these vulnerabilities have been patched and there are no workarounds. Cisco expects to release firmware updates in the third quarter of 2016. In the meantime, the company pointed out that the web-based management interface affected by the flaws is only accessible via a local LAN connection or the remote management feature, which is disabled by default.

The networking giant says there is no evidence that any of these flaws have been exploited for malicious purposes.

Advertisement. Scroll to continue reading.

Related: DoS Vulnerability Affects Cisco, Juniper Products

Related: Cisco Fixes Flaws in Network Analysis Modules

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

A zero-day vulnerability named HTTP/2 Rapid Reset has been exploited to launch some of the largest DDoS attacks in history.