Blog

These Small Business Cisco Routers Should Be Replaced

Sep 4, 2021 | Blog

Do you own any of the following Cisco UPnP (Universal Plug and Play) routers?

  • RV110W
  • RV130
  • RV130W
  • Or RV215W

If you do then you will want to replace your gear as quickly as possible. The small business VPN routers listed above are nearing their end of life and end of support and the company recently announced that there will be no additional security patches coming.

That’s significant because these VPN UPnP routers are plagued by a serious zero-day bug tracked as CVE-2021-34730.

It should be noted that there are no known proof of concept exploits for this vulnerability and there are no known instances of it having been abused by hackers in the wilds. Even so it is just a matter of time before someone somewhere in the world takes advantage of it. This is especially true given that Cisco has specifically indicated that they have no intention of patching the issue.

If you’re not in a position where you can upgrade to a newer router then there is a relatively simple workaround that will eliminate your risk. Be aware that doing so will limit the equipment’s utility.

The issue abuses the VPN feature of the routers in question. Simply toggling the VPN service off (disabling it) will protect you from being attacked via this avenue, at least.

If you’re not sure how to toggle the VPN setting off, Cisco offered the following on a recent security bulletin.

“To determine whether the UPnP feature is enabled on the LAN interface of a device, open the web-based management interface and navigate to Basic Settings > UPnP. If the Disable check box is unchecked, UPnP is enabled on the device.”

The advice is helpful but it’s a pity that Cisco made the decision not to patch the security flaw. Upgrade as quickly as you’re able to.

FBI Program Tasked with Infrastructure Security Compromised

FBI Program Tasked with Infrastructure Security Compromised

The FBI program tasked with ensuring critical infrastructure security has been compromised by hackers, who now offer access to the program's data on the dark web. The breach was initially disclosed by Brian Krebs of Krebs on Security, who claims that the data was for...

Streamline Your Business with the Latest Smart Home Technology

Streamline Your Business with the Latest Smart Home Technology

Are you a business owner looking to get the most out of your Google smart home devices? If so, you're in luck! Google has enabled its Nest products and Android OS with the initial rollout of the Matter smart home standard. This means that businesses now have the...

Data Breach at Sequoia One Exposes Sensitive Customer Information

Data Breach at Sequoia One Exposes Sensitive Customer Information

What do you do when your most personal information has been compromised? This is likely the question that customers of Sequoia One asked themselves earlier this month as they were informed that the company had been hacked. Sequoia One specializes in the management of...

Cisco Reports Critical IP Phone Vulnerability

Cisco Reports Critical IP Phone Vulnerability

As a business owner, it's important to stay informed about potential vulnerabilities that could impact your organization. Recently, Cisco reported a critical vulnerability, tracked as CVE-2022-20968, affecting its IP Phone 7800 and 8800 Series. This new vulnerability...

Google Chrome Releases Two New Features

Google Chrome Releases Two New Features

Google Chrome is one of the more commonly used web browsers. Over the years, though, Chrome has gained a reputation for utilizing a large portion of a computer's memory. This can be a problem if you're running other resource-intensive tasks and don't want to slow...

Get a Free Consultation

 

Fill out the form below to receive a free consultation and learn how we can make your technology worry-free!

 

Contact Information

  • 39301 Badger Street, Suite 500
    Palm Desert, CA 9221
  • (760) 333-8523
  • info@icn.tech