Cisco has patched critical vulnerabilities in some of its small business routers, preventing threat actors from taking over the impacted devices. External researchers have found three security flaws in Cisco’s RV160, RV260, RV340, and RV345 series VPN routers.
The vulnerabilities could be remotely exploited by an unauthenticated attacker to launch DoS and arbitrary code execution attacks. Two of the vulnerabilities have been given a severity rating of “critical.” One of them, CVE-2022-20842, is brought on by inadequate user input validation and affects the routers’ web-based management interface.
By sending the targeted device carefully crafted HTTP requests, an attacker can take advantage of the vulnerability.
For more such updates follow us on Google News ITsecuritywire News