Discard those routers, Cisco says, because we won’t be patching them. • The Register


Cisco this week patched three vulnerabilities in its products and announced that it would leave unpatched a VPN hijacking flaw affecting four small business routers.

These small business routers—the RV110W Wireless-N VPN Firewall, RV130 VPN Router, RV130W Wireless-N Multifunction VPN Router, and RV215W Wireless-N VPN Router—have reached their End of Life (EoL), and the network provider is also recommending customers to upgrade to devices that are not vulnerable. To give you an idea of ​​the potential age of this kit, Cisco stopped selling the RV110W and RV130 in 2017 and ended support for them that year.

“Cisco has not and will not release any software updates to address the vulnerability described in this advisory,” the vendor wrote in one advisory. “Customers are advised to migrate to Cisco Small Business RV132W, RV160, or RV160W routers.”

It also said there are no workarounds to fix the…

Source link

Leave a Reply