A critical security vulnerability in Cisco Small Business Routers (RV110W, RV130, RV130W, and RV215W models) allows remote code execution (RCE) and denial of service (DoS). This vulnerability, tracked as CVE-2021-34730, is due to improper validation of incoming UPnP traffic. No patch or workaround will be coming for the bug, as the affected routers reached end-of-life back in 2019.
Determine and disable UPnP
Cisco released an advisory for its users. It explains how to determine the UPnP configuration, saying,
“To determine whether the UPnP feature is enabled on the LAN interface of a device, open the web-based management interface and navigate to Basic Settings > UPnP. If the Disable check box is unchecked, UPnP is enabled on the device.”
To disable UPnP on the LAN interface of a device, there are two steps:
- Open the web-based management interface and choose Basic Settings > UPnP.
- Check the Disable check box.
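As a follow-up check from a host on the LAN, the added example below (not part of Cisco's advisory) sends one standard SSDP discovery request and reports whether the router still answers it. It assumes a router with UPnP enabled replies to SSDP M-SEARCH; the function names and the sample replies are constructed for illustration.

```python
import socket
import sys

SSDP_ADDR = ("239.255.255.250", 1900)  # standard UPnP/SSDP discovery group
M_SEARCH = (b"M-SEARCH * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\n"
            b'MAN: "ssdp:discover"\r\nMX: 2\r\nST: upnp:rootdevice\r\n\r\n')

# Constructed sample replies (addresses and header values are made up).
SAMPLE_REPLIES = [
    (b"HTTP/1.1 200 OK\r\nST: upnp:rootdevice\r\n"
     b"LOCATION: http://192.168.1.1:1900/rootDesc.xml\r\n\r\n", "192.168.1.1"),
    (b"HTTP/1.1 200 OK\r\nST: upnp:rootdevice\r\n\r\n", "192.168.1.50"),
    (b"NOTIFY * HTTP/1.1\r\nNT: upnp:rootdevice\r\n\r\n", "192.168.1.1"),
]

def parse_ssdp_response(data):
    """Return lower-cased headers of an SSDP 200 reply, or None for anything else."""
    lines = data.decode("iso-8859-1").partition("\r\n\r\n")[0].split("\r\n")
    status = lines[0].split()
    if len(status) < 2 or not status[0].startswith("HTTP/") or status[1] != "200":
        return None
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def replies_from(replies, router_ip):
    """Keep only valid SSDP replies whose source address is router_ip."""
    parsed = ((parse_ssdp_response(d), src) for d, src in replies)
    return [h for h, src in parsed if h is not None and src == router_ip]

def probe(timeout=3.0):
    """Send one M-SEARCH from this host and collect (data, source_ip) replies."""
    replies = []
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(M_SEARCH, SSDP_ADDR)
        try:
            while True:
                data, (src, _port) = sock.recvfrom(4096)
                replies.append((data, src))
        except socket.timeout:
            pass
    return replies

if __name__ == "__main__":
    router = sys.argv[1]  # LAN address of the router, supplied by the operator
    hits = replies_from(probe(), router)
    print("UPnP still answering" if hits else "no SSDP reply from router", router)
```

A missing reply is only an indication, since the probe can leave through the wrong interface on a multi-homed host; the Disable check box in the web interface remains the authoritative setting.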
Migration to the Cisco Small Business RV132W, RV160, or RV160W Routers is also recommended.
The other critical flaw is a BadAlloc flaw impacting the BlackBerry QNX Real-Time Operating System. This bug, tracked as CVE-2021-22156, allows threat actors to take over devices and critical infrastructure or launch DoS attacks against them. While disclosing the bug this week, Cisco is still investigating its product line to determine which products and services may be affected by the vulnerability.