Cisco recommends customers to upgrade VPN routers or Risk Attack

Cisco advised customers to swap out old Small Business RV  routers in favor of newer models.

The old models have serious vulnerabilities that Cisco won't patch.

The vulnerability was discovered by the company in a lack of user input validation for incoming HPPT packets.

An  attacker could gain root-level privileges by sending a  "specially-crafted request" to these devices' web-based management  interface. They would have access to the  endpoint .

It  was offered in four different models that include it's the RV110W  Wireless-N VPN Firewall, the RV130 VPN Router, the RV130W Wireless-N  Multifunction VPN Router, and the RV215W Wireless-N VPN Router.

The  flaw cannot be exploited without the web-based remote management  interface for WAN connections being enabled. By default it is not. However, a Shodan search can still uncover many exposed devices.

To guard from cyberattacks of all types Businesses should keep their hardware and software up-to-date as well as employ an antivirus and firewall solution, and also educate employees about the risks of phishing as well as ransomware..