Cisco has fixed critical code execution bugs in SMB VPN routers
Cisco has addressed pre-auth remote code execution (RCE) vulnerabilities affecting several VPN routers Those vulnerabilities allowed attackers to execute arbitrary code as root on successfully exploited devices. According to Cisco the reason vulnerabilities exist is because HTTP requests are not properly validated. Read more...