Cisco has announced fixes for three major vulnerabilities found in four different series of its SMB routers (opens in new tab).
The flaws, should they be exploited, would have allowed threat actors to launch code remotely, or trigger denial of service attacks.
Those that are unable to patch immediately are out of luck - there are no workarounds for these flaws, and the only way to mitigate the threat is to apply the fixes.
High-severity flaws galore
In Cisco’s security advisory (opens in new tab), the company said its Small Business RV160, RV260, RV340, and RV345 Series Routers were affected.
The flaws include CVE-2022-20827, a web filter database update command injection vulnerability with a severity score of 9.0.
“This vulnerability is due to insufficient input validation,” Cisco explains. “An attacker could exploit this vulnerability by submitting crafted input to the web filter database update feature ...
Copyright of this story solely belongs to techradar.com . To see the full text click HERE