Cisco introduced not long ago that it would not be releasing software package updates for a vulnerability with its Common Plug-and-Participate in (UPnP) service in Cisco Compact Small business RV110W, RV130, RV130W, and RV215W Routers.
The vulnerability will allow an unauthenticated, distant attacker to execute arbitrary code or trigger an impacted gadget to restart unexpectedly, resulting in a denial of company (DoS) problem.
“This vulnerability is thanks to improper validation of incoming UPnP traffic. An attacker could exploit this vulnerability by sending a crafted UPnP ask for to an impacted system. A thriving exploit could enable the attacker to execute