June 30, 2016
Have A Cisco SMB Firewall Or Router? Update Now
If you use a Cisco firewall or router to protect your digital assets, it’s time to check your equipment. Cisco recently released a security advisory that covers three of its popular, widely used pieces of equipment:
The RV 110W Wireless-N VPN Firewall
The RV 130W Wireless-N Multifunction VPN Router
The RV 215W Wireless-N VPN Router
If you’re using any of these, then brace for impact. The company has found two key security flaws that put you, your company, and your data at risk.
The first and most threatening is a vulnerability that allows hackers to send HTTP requests to your device, loaded with custom user data. When they do, they’ll gain root-level control on your system that can lead to a complete compromise.
The second (listed as medium-severity by Cisco) is a cross-site scripting flaw (XSS) which could allow a hacker to execute an arbitrary script to “trick” your equipment into allowing them to view sensitive browser-based information. In addition to these, two other medium-severity buffer overflows were found, which, if exploited, could result in devastating DoS (denial of service) attacks on your system.
In other words, the news is about as bad as it could possibly get, but there’s more. Until a patch is issued, there’s really no good way to guard against the threats that these security flaws represent, and according to Cisco, the soonest we can expect to see a patch to address these flaws will be sometime in the 3rd quarter of this year.
Under normal circumstances, the quick and easy solution would be to disable remote management of these devices, and in so doing, eliminate the threat that the security flaws represent, but the presence of the XSS flaw makes that approach unworkable. The hackers could simply use that to get around the fact that you’ve disabled remote management, leaving you with few good options until Cisco releases their patches.