A popular line of small business routers made by Cisco Systems are vulnerable to a high-severity vulnerability. If exploited, the flaw could allow a remote – albeit authenticated – attacker to execute code or restart affected devices unexpectedly.
Cisco issued fixes on Wednesday for the flaw in its RV132W ADSL2+ Wireless-N VPN routers and RV134W VDSL2 Wireless-AC VPN routers. These routers are described by Cisco as “networking-in-a-box” models that are targeted for small or home offices and smaller deployments.
The vulnerability (CVE-2021-1287) stems from an issue in the routers’ web-based management interface. It ranks 7.2 out of 10 on the CVSS scale, making it high severity.