Critical Flaw Patched in Cisco Firewall Devices

By | January 29, 2016

Cisco Firewall

Cisco patched a critical flaw reported by an anonymous researcher. They have released a firmware update for its RV220W wireless network security firewall, Using this vulnerability hacker can gain administrative previleage to the device.

What was the vulnerability

A remote unauthenticated attacker can send specially crafted HTTP requests containing malicious SQL statements to the device in order to bypass authentication and access it with administrative privileges.

Vulnerable Products

Cisco RV220W Wireless Network Security Firewall devices running firmware releases prior to 1.0.7.2 are affected by this vulnerability.

According to Cisco statement

The vulnerability is due to insufficient input validation of HTTP request headers that are sent to the web-based management interface of an affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a crafted HTTP request that contains malicious SQL statements to the management interface of a targeted device.

Check your device

This vulnerability could allow an attacker to gain administrative privileges on an affected device. If the Authentication, Accounting, and Authorization (AAA) log files for a device contain suspect or malicious login data, the device may have been compromised by this vulnerability.

An attack exploiting this vulnerability only works if the remote management feature is enabled on the targeted device. Users who cannot apply the firmware update can disable remote management or restrict access to the feature.

Subscribe for latest security updates