Two days after Cisco released security updates for its router models, RV110W, RV130W, and RV215W, attackers have attempted exploiting these devices.
A tweet by security firm Bad Packets LLC indicated various instances of these routers being targeted again post the update release. It is believed that this is a consequence of a new bug disclosed by security firm Pen Test Partners.
Thankfully, updates meant for CVE-2019-1663 work on resolving this buffer-overflow flaw. Routers having outdated software versions are still vulnerable. In fact, Pen Test Partners actually analyzed the model RV130W having a custom software version.
“The RV130, like a lot of routers and other embedded IoT devices, does not run Cisco IOS. Instead, it runs some form of embedded Linux. The majority of router-like functionality is handled by a small set of binaries which parse user input and make the router do useful router things. Most of the user input comes through the web interface – which is where we found this bug,” mentioned the firm’s blog.
Therefore, users of these router models are suggested to update them with the latest security patch.