Cisco releases security update for Critical UPnP vulnerability in small business routers

By / / Network Security, Security Updates & Patches, Vulnerabilities & Exploits / CallStranger, Cisco, CVE-2021-34730, Mirai, Pinkslipbot, Small Business, UPnP, UPnProxy
Cisco releases security update for Critical UPnP vulnerability in small business routers

Cisco has released a security update for a Critical UPnP vulnerability in Small Business router models, as well as multiple vulnerabilities in other Cisco products.

An attacker could remotely exploit some of these vulnerabilities to take control of an impacted system.

Small Business routers

The Cisco update is for a Critical vulnerability CVE-2021-34730 (CVSS score of 9.8) in the Universal Plug-and-Play (UPnP) service of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers.

Cisco warned the vulnerability “could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition.”

Moreover, Cisco offered no patches or workarounds to address the vulnerability. Instead, users are urged to disable the UPnP service on both the LAN and WAN interface. The latter is disabled by default.

It is also worth noting the risk posed and past cyberattacks against UPnP, such as CallStranger, UPnProxy, Mirai, and Pinkslipbot malware, just to name a few.

Cyber experts also released best practices and lessons learned in guarding against Internet-of-things (IoT) attacks that look to exploit UPnP vulnerabilities.

Other Cisco products

In addition, Cisco also patched the following Medium risk vulnerabilities in Cisco products on August 18:

Readers can also check out Cisco’s security advisories page for more details on most recent Cisco product vulnerabilities and mitigations.

Related Articles