Cisco has fixed multiple pre-auth remote code execution (RCE) vulnerabilities affecting several small business VPN routers. The vulnerabilities were discovered and reported to Cisco by T. Shiomitsu, swings of Chaitin Security Research Lab, and simp1e of 1AQ Team. The company has fixed the vulnerabilities in firmware releases 1.0.01.02 and later issued for all impacted routers. Cisco says that its Dual WAN Gigabit VPN Routers are not affected by the bugs.
Source: https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-code-execution-bugs-in-smb-vpn-routers/