Cisco has fixed two critical flaws affecting its Small Business VPN routers. The issues stem from a lack of proper validation of the web-based management interface of the devices. If exploited, the flaws could allow an unauthenticated, remote attacker to execute arbitrary code and even cause a denial-of-service (DoS) condition. The company noted there’s been no evidence of active exploitation attempts in the wild for any of these flaws, nor are there any workarounds that address the vulnerabilities.
Source: https://thehackernews.com/2021/08/cisco-issues-critical-security-patches.html