Cisco has released security fixes for several models of wireless VPN firewalls and routers, plugging a remote code execution flaw (CVE-2019-1663) that can be triggered via a malicious HTTP request.
About CVE-2019-1663
The vulnerability affects the:
- Cisco RV110W Wireless-N VPN Firewall
- Cisco RV130W Wireless-N Multifunction VPN Router
- Cisco RV215W Wireless-N VPN Router.
The flaw is in the devices’ web-based management interface and arose due to improper validation of user-supplied data. By sending a malicious HTTP requests to a vulnerable device, an attacker may be able to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user.
The vulnerability was discovered and disclosed without any technical details or mention of the affected products in October 2018 at GeekPwn Shanghai by Yu Zhang and Haoliang Lu. It has apparently also been flagged by Takeshi Shiomitsu of UK-based Pen Test Partners.
There seems to be no publicly available exploit code for the flaw at this time and Cisco does not mention any active exploitation attempts.
The flaw is serious, but can be exploited only if a device’s web-based management interface is available through a local LAN connection or the remote management feature, and the latter is disabled by default.
Nevertheless, users are urged to implement the provided fixed releases as soon as possible.
from Help Net Security https://ift.tt/2VpSNdS
0 comments:
Post a Comment