Cisco Patches Critical Vulnerability in Cisco Small...

Cisco Patches Critical Vulnerability in Cisco Small Business VPN Routers (CVE-2021-1609)

On August 4, Cisco released several advisories, including one advisory that addresses two vulnerabilities in a subset of its Small Business VPN routers. The affected routers include the RV340 and RV340W as well as the RV345 and RV345P.

Of the two vulnerabilities, the most critical, CVE-2021-1609, is a remote code execution and denial of service vulnerability in the web management interface of the Cisco Small Business VPN Routers. The other, CVE-2021-1610, is a high-rated command injection vulnerability in the same interface. One key difference between the two is that the latter requires authentication as a user with root privileges.

Cisco notes that both of these vulnerabilities can be exploited independently, and that certain versions of the Small Business VPN Routers may be vulnerable to one and not the other.

For more information about these vulnerabilities, including the availability of patches and Tenable product coverage, please visit our blog.

Cyber Exposure Alerts

Vulnerability Watch

Forum Discussion

Cisco Patches Critical Vulnerability in Cisco Small...

Recent Discussions

Frequently Asked Questions About Notepad++ Supply Chain Compromise

Ivanti Endpoint Manager Mobile Zero-Days Exploited (CVE-2026-1281, CVE-2026-1340)

Oracle January 2026 Critical Patch Update Addresses 158 CVEs

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Vulnerability

Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)

Americas

Europe

Asia / Australia