Cisco fixes flaw in wireless VPN routers
Cisco is telling customers to update their wireless VPN and firewall routers after patching a critical vulnerability that could allow unauthenticated, remote hackers to execute malicious code. The vulnerability, CVE-2019-1663, affects the RV110W Wireless-N VPN Firewall, the RV130W Wireless-N Multifunction VPN Router, and the RV215W Wireless-N VPN Router. These small business routers are used for wireless connectivity in small offices and home offices.
The vulnerability is in the web-based management interface for the three router models. The management interface for these devices is available through a local LAN connection or the remote management feature. The flaw arises because the HTTP/HTTPS management interface does not properly validate user-supplied data sent to it, so a hacker could send malicious HTTP requests to a targeted device and ultimately execute code on it. The hacker could be unauthenticated and remote. Cisco tagged this vulnerability with CWE-119, for a buffer overflow. This means that a pre-authentication user input field on these devices can be manipulated into dropping code into the device's memory, which then executes at the system level.
According to Cisco, routers with the remote-management feature enabled are exposed to a remote attack. The feature is disabled by default, and administrators can check whether remote management is enabled by selecting Basic Settings > Remote Management in their router's web interface. Cisco did not detail whether the vulnerability has been exploited, but it has released firmware updates for the affected devices. The patched software versions are the following: RV110W Wireless-N VPN Firewall version 1.2.2.1, RV130W Wireless-N Multifunction VPN Router version 1.0.3.45, and RV215W Wireless-N VPN Router version 1.3.1.1.
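For administrators with several of these routers, the check against the patched versions above can be scripted. The following is an added example, not code from Cisco or from the original article; the CSV column names, host names and sample firmware strings are constructed for illustration. It compares versions numerically, because a plain string comparison would wrongly rank 1.0.3.9 above 1.0.3.45.

```python
import csv
import io

# Fixed firmware releases for CVE-2019-1663, as listed in the article.
FIXED = {
    "RV110W": (1, 2, 2, 1),
    "RV130W": (1, 0, 3, 45),
    "RV215W": (1, 3, 1, 1),
}

# Constructed sample inventory (hypothetical hosts, columns and firmware strings).
SAMPLE_INVENTORY = """host,model,firmware,remote_mgmt
branch-a,RV130W,1.0.3.44,yes
branch-b,RV130W,1.0.3.45,no
branch-c,RV130W,1.0.3.9,no
home-1,RV110W,1.2.1.7,no
home-2,RV215W,1.3.1.10,yes
lab-1,RV320,1.4.2.22,no
lab-2,RV110W,unknown,yes
"""

def parse_version(text):
    """Turn '1.0.3.45' into (1, 0, 3, 45); return None if any part is not numeric."""
    try:
        return tuple(int(part) for part in text.strip().split("."))
    except ValueError:
        return None

def classify(model, firmware, remote_mgmt):
    """Return a triage label for one device."""
    fixed = FIXED.get(model.strip().upper())
    if fixed is None:
        return "model-not-listed"      # not one of the three models in the article
    version = parse_version(firmware)
    if version is None:
        return "verify-manually"       # unreadable version: check on the device
    if version >= fixed:
        return "patched"
    # Below the fixed release: remote management exposes the interface beyond the LAN.
    return "vulnerable-remote" if remote_mgmt.strip().lower() == "yes" else "vulnerable-lan"

def audit(inventory_csv):
    """Map each host in the CSV text to its triage label."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: classify(r["model"], r["firmware"], r["remote_mgmt"]) for r in rows}

if __name__ == "__main__":
    for host, label in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {label}")
```

Devices labelled `vulnerable-remote` are the ones to update first, since their management interface is reachable from outside the local network.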
The vulnerability was discovered by security researchers Yu Zhang and Haoliang Lu, and T. Shiomitsu of Pen Test Partners. Cisco routers with vulnerabilities, even those with patches issued for them, are frequently targeted by hackers, which makes it critical to keep your devices patched and up to date. Detailed instructions on updating software are available on Cisco's website.