Cisco Patches Critical Flaw in Small Business Router

By Eduard Kovacs on May 04, 2017


Cisco has released a firmware update for one of its small business routers to address a critical vulnerability that can be exploited for denial-of-service (DoS) attacks and arbitrary code execution.


The vulnerability, discovered by researchers from GeekPwn, a China-based IoT-focused hacking competition, affects CVR100W Wireless-N VPN routers. The company said there was no evidence of malicious exploitation.


The flaw, tracked as CVE-2017-3882 and described as a buffer overflow, affects the device’s Universal Plug and Play (UPnP) implementation and it can allow an unauthenticated, layer 2-adjacent attacker to execute arbitrary code with root privileges or cause vulnerable routers to reload.


Full Article

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico