Cisco fixes a critical flaw in CISCO CVR100W Wireless-N VPN Small Business Routers

Cisco released a firmware update to fix a critical buffer overflow vulnerability in CISCO CVR100W Wireless-N VPN Small Business Routers.

Cisco has released a firmware update to fix a critical vulnerability in its CVR100W Wireless-N VPN routers.

The flaw, tracked as CVE-2017-3882, can be exploited by attackers to trigger a denial-of-service (DoS) condition and execute arbitrary code with root privileges.

The CVE-2017-3882 vulnerability was discovered by researchers from the Chinese GeekPwn hacker group. The company said there was no evidence of malicious exploitation.

CISCO CVR100W Wireless-N VPN Routers

The good news is that CISCO revealed that there was no evidence of exploitation of the flaw in the wild.

“A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2–adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition. The remote code execution could occur with root privileges.” reads the CISCO security advisory.

The vulnerability resides in the Universal Plug and Play (UPnP) implementation of the CVR100W Wireless-N VPN routers.

The exploitation of the flaw is quite simple, an attacker can trigger the vulnerability by sending a specially crafted request to the UPnP listening port of the router.

“The vulnerability is due to incomplete range checks of the UPnP input data, which could result in a buffer overflow. An attacker could exploit this vulnerability by sending a malicious request to the UPnP listening port of the targeted device. An exploit could allow the attacker to cause the device to reload or potentially execute arbitrary code with root privileges.” continues the analysis.

The flaw affects CVR100W Wireless-N VPN routers running a version of the firmware prior to 1.0.1.22, no other small business routers are affected.

Administrators can determine which firmware release is running on their routers by logging in to the web interface using the http(s)://system-ip access URL.

Below there is an example included in the advisory, in this the router is running Firmware Release 1.0.1.21.

Cisco Small Business
CVR100W Wireless-N VPN Router
Version 1.0.1.21

The CVR100W Wireless-N VPN routers are also affected by a medium severity bug that can be exploited by an unauthenticated attacker to bypass the remote management ACL. This flaw was fixed with the release of version 1.0.1.24.

Source:http://ift.tt/2qObs3t

The post Cisco fixes a critical flaw in CISCO CVR100W Wireless-N VPN Small Business Routers appeared first on Information Security Newspaper.

from Information Security Newspaper http://ift.tt/2p7FhQ4

Anuncios

Responder

Introduce tus datos o haz clic en un icono para iniciar sesión:

Logo de WordPress.com

Estás comentando usando tu cuenta de WordPress.com. Cerrar sesión / Cambiar )

Imagen de Twitter

Estás comentando usando tu cuenta de Twitter. Cerrar sesión / Cambiar )

Foto de Facebook

Estás comentando usando tu cuenta de Facebook. Cerrar sesión / Cambiar )

Google+ photo

Estás comentando usando tu cuenta de Google+. Cerrar sesión / Cambiar )

Conectando a %s