The following Cisco firewall is publicly accessible and looks outdated:
It is critical to update to a safe version as soon as possible, since multiple CVEs allow remote attackers to cause a DoS or achieve RCE (remote code execution) on the firewall. These vulnerabilities are currently being used in ransomware campaigns and could damage your network.
Reference:
Severity: critical
Fingerprint: eea4a14a4ef6fd47577723470958170ab680f37c5af1ec5704673786b009390d
Found CISCO RV34X web frontend
Firmware build 2019-4-4
Version: 1.0.03.15
Affected by cve-2022-20699
Affected by cve-2022-20701
Affected by cve-2022-20707
Affected by cve-2022-20708
Affected by cve-2022-20709
Affected by cve-2022-20710
Affected by cve-2022-20711
Affected by cve-2022-20712
Affected by cve-2022-20749
Open service 50.74.231.27:444
2024-03-03 05:20
HTTP/1.1 200 OK
Date: Sun, 03 Mar 2024 05:20:31 GMT
Content-Type: text/html
Content-Length: 727
Last-Modified: Fri, 25 Jan 2019 01:35:42 GMT
Connection: close
ETag: "5c4a67ee-2d7"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'
X-Webkit-CSP: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'
Accept-Ranges: bytes

Page title: Fireware XTM User Authentication

<html>
<head>
<title>Fireware XTM User Authentication</title>
<noscript>
The Fireware XTM User Authentication web page requires that JavaScript be enabled in your Web Browser. Please retry after enabling JavaScript in your browser. You can use the browser's Back button to return to the page you were previously viewing.
</noscript>
</head>
<body>
<script>
var newloc = "/wgcgi.cgi?action=sslvpn_web_logon&fw_logon_type=status";
var search = window.location.search;
if (search.length > 1) {
    search = search.substring(1);
    newloc += "&" + search;
}
window.location = newloc;
</script>
</body>
</html>