Cisco's RV110W Wireless-N VPN Firewall and Cisco RV215W Wireless-N VPN router are also affected by a vulnerability tracked as CVE-2020-3331 with a CVSS score of 9.8 that can be exploited by an ...

It arises in the SSL VPN module of Cisco Small Business RV340, RV340W, RV345 and RV345P Dual WAN Gigabit VPN routers. It could allow unauthenticated RCE, according to the advisory.

Cisco has advised customers to trade in old Small Business RV VPN routers for newer models, as the old ones have high-severity vulnerabilities that it won’t be patching.

They could also access via a directory traversal issue. Using this, attackers could access Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers even remotely.

The flaws exist in the web-based management interface of Cisco’s small-business lineup of VPN routers. That includes its RV160, RV160W, RV260, RV260P, and RV260W models.

Cisco backs the RV110W Wireless-N VPN Firewall router with a lifetime limited warranty. The company also offers three years of small-business support service for an additional cost of $69.

The critical flaws affect the Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers. These were the models Cisco recommended customers using unsupported small business routers ...

Cisco has addressed pre-auth security vulnerabilities impacting multiple Small Business VPN routers and allowing remote attackers to trigger a denial of service condition or execute commands and ...

The second security flaw of note is CVE-2020-3323 (CVSS 9.8) which impacts Cisco Small Business RV110W, RV130, RV130W, and RV215W routers.