Cisco Will Not Fix Authentication Bypass Flaw Affecting Multiple Small Business VPN Routers
Posted: Fri Nov 22, 2024 5:17 am
The vulnerability tracked as (CVE-2022-20923) in the IPSec VPN Server authentication functionality of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers will not be patched since the devices have reached end-of-life (EoL).
According to the security advisory published by Cisco, “It allows an unauthenticated, remote attacker to bypass authentication controls and access the IPSec VPN network”.
https://cybersecuritynews.com/cisco-wil ... pass-flaw/
According to the security advisory published by Cisco, “It allows an unauthenticated, remote attacker to bypass authentication controls and access the IPSec VPN network”.
https://cybersecuritynews.com/cisco-wil ... pass-flaw/