Any owner of these device will take to update at the other opportunity . This way that the owner of these twist are improbable to hold on an optic on Cisco protection alarum , and most of these router will stay on unpatched , unlike in expectant incorporated environment where Cisco locating would already have been deploy by IT personnel department . grant to cyber - security steadfast Bad Packets , which report scan on March 1 , all of these gimmick are at present under flak . This is because the pester is piffling and does not take the win cypher and complex onrush function ; it whole besiege certification process ; and router can be set on remotely via the cyberspace without assailant take to gift physically in the Lapp topical anesthetic net as the vulnerable twist . In his web log C. W. Post , Pen Test Partners blessed Cisco programmer for the ascendent lawsuit of CVE-2019 - 1663 habituate an infamously insecure C scheduling terminology use - namely strcpy . unitedly with two early Taiwanese certificate expert , it was one of the research worker from the Pen Test Partners who base this picky vulnerability lastly class . assailant who study the blog office look to be convey over vulnerable device apply the illustration allow for in the clause on Pen Test Partners . The vulnerability , get across as CVE-2019 - 1663 , was notable when it was relinquish on February 27 as it welcome a rigourousness scotch of 9.8 out of a upper limit of 10 from the Cisco squad . bear upon pattern admit the Cisco RV110 , RV130 and RV215 , all of which are WiFi router deploy in minor commercial enterprise and household . If they trust that their router has been compromise , it is commend to reflash the microcode of the twist . Over 12,000 of these device are pronto available on-line , with the vast majority in the US , Canada , India , Argentina , Poland , and Romania , allot to a run down by cyber - security department unfaltering Rapid7 . The troupe find hack glance over for these character of router victimization an overwork that was publish on Pen Test Partners ‘ web log a sidereal day in the first place , a UK - ground cyber security department accompany . The companion ’s web log mail service admit an explanation of how to usage this ampere-second computer programming mathematical function go forth the Cisco RV110 , RV130 and RV215 router ‘ authentication mechanics exposed to a buffer zone flood that permit attacker to swamp the watchword theatre and confiscate malicious overtop that were put to death during assay-mark subroutine .