Cisco has issued a notice dedicated to the owners of a series of routers produced by the company on which numerous vulnerabilities have been found , 74 to be precise. These are models intended for SMEs, which however reached the End of Life between 2017 and the 2018: the latest update is from December 1st 2020, and does not cover these bugs. Cisco’s advice is to replace them as soon as possible with newer devices.

Vulnerable Cisco routers

Cisco has issued three security advisories (we can find them here, here and here) related to routers RV 110 W, RV 130, RV 130 W e RV 215 W . These models are plagued by a total of 74 bugs, ranging from simple crashes to more serious security problems, which could lead an attacker to take control of systems and even hijack their traffic. Simply put, they are insecure .

Support for these products ended on December 1st 2020 , when the latest security patch was released, and no additional firmware is planned. As a result, the company recommends upgrading to newer models, which are not vulnerable and are still actively supported.

Although we suggest to change them as soon as possible, it must be said that the vulnerabilities found are not easy to exploit: to do so, an attacker should in fact have access credentials , which will make the IT teams breathe a sigh of relief and can plan their replacement with a little more confidence, which in any case it is highly recommended.