loader image

Do you own one or more of the following products made by Cisco?

  • The RV110W Wireless-N VPN Firewall
  • The RV130 VPN Router
  • The RV130W Wireless-N Multifunction VPN Router
  • The RV215W Wireless-N VPN Router

If so, be advised that a new and critical security vulnerability has been found that impacts your equipment.  It is being tracked as CVE-2022-20825.  With a severity rating of 9.8 out of a possible 10, it’s about as serious an issue as it’s possible to have.

What is worse is that because the equipment referenced above is older and at the end of its service life, Cisco announced that there will be no patches to address this recently discovered security vulnerability.

Per a recent Cisco security advisory, the flaw exists because of insufficient user input validation of incoming HTTP packets on impacted devices.

It should be noted that this flaw only impacts devices that have their web-based remote management interface enabled on WAN connections.  If you’re not doing that, then even if you have an older piece of Cisco equipment, you’ve got nothing to worry about.

If you’re not sure whether remote management is enabled or not, just use the following steps. Log into the web management interface and make your way to “Basic Settings” and then “Remote Management.”  From there, just verify whether the box is checked or not and you’re all set.

In cases like these, we do wish companies were willing to be a bit more flexible. However, on the other hand, it’s easy to see how an offer of more time would be abused. So while we feel your pain if you own one of the impacted devices and we also understand why Cisco is taking a hard line and not granting any wiggle room.

All that to say, if you’re still using one of the devices referenced above, upgrade to a newer piece of equipment as soon as possible.

FREE Report

The Portland Metro Area Guide to IT Support Services and Fees

What you should expect to pay for its support for your small business (and how to get exactly what you need without unnecessary extras, hidden fees, and bloated contracts)

Name(Required)
This field is for validation purposes and should be left unchanged.