A critical vulnerability has been found in Cisco’s wireless VPN and firewall routers
The vulnerability, CVE-2019-1663, is an improper validation error found in Cisco’s RV110W Wireless-N VPN Firewall, Cisco’s RV130W Wireless-N Multifunction VPN Router, and Cisco’s RV215W Wireless-N VPN Router. The vulnerability allows an attacker with any browser to execute code of their choice via the web interface.
A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user.
Cisco has released a patch for the vulnerability that can be applied to fix the issue.