Data: CASIE
Negative Trigger
.
Cisco has issued [security alerts | Vulnerability-related.DiscoverVulnerability] for 30 vulnerabilities across a range of its products and services, with three being [ranked | Vulnerability-related.DiscoverVulnerability] as critical and remotely exploitable.
Some 20 different Cisco products [contain | Vulnerability-related.DiscoverVulnerability] a vulnerable version of the Apache Struts 2 framework that is currently under active exploitation by miscreants dropping cryptocurrency miner malware on exposed systems.
Of these, 18 [are not vulnerable | Vulnerability-related.DiscoverVulnerability] to any exploitation vectors for the Struts flaw, Cisco [said | Vulnerability-related.DiscoverVulnerability].
Five Cisco products, SocialMiner, Identity Services Engine, Finesse, Unified Contact Centre Enterprise and the Video Distribution Suite for Internet Streaming [have received | Vulnerability-related.PatchVulnerability] patches for the Struts vulnerability.
Cisco's cloud-hosted Network Performance Analysis service is yet to [get | Vulnerability-related.PatchVulnerability] a Struts update though.
A critical flaw in the application programming interface (API) for Cisco's cloud-based Umbrella allowed attackers to view and potentially modify data across multiple organisations using the secure internet gateway service.
The vulnerability stems from insufficient authentication configurations for the Umbrella API, and [has been patched | Vulnerability-related.PatchVulnerability] by Cisco with no user action required.
Two high-impact vulnerabilities in the Umbrella Enterprise Roaming Client and Enterprise Roaming Module that could [be exploited | Vulnerability-related.DiscoverVulnerability] by attackers to elevate user privileges to Administrator level have also [been patched | Vulnerability-related.PatchVulnerability] by Cisco.
A third critical vulnerability can [be exploited | Vulnerability-related.DiscoverVulnerability] to run code remotely on the Cisco RV110W VPN firewall and RV130W and RV215W wireless VPN routers, or freeze the devices in denial of service attacks.
Patches for the vulnerability [address | Vulnerability-related.PatchVulnerability] an improper boundary restriction on input via the Guest user account in the devices' web-based remote management interface, Cisco said.
Cisco also [patched | Vulnerability-related.PatchVulnerability] three high impact vulnerabilities in the above network devices, which could [be exploited | Vulnerability-related.DiscoverVulnerability] to remotely execute arbitrary commands and read sensitive information on them.
Of the thirty vulnerabilities [disclosed | Vulnerability-related.DiscoverVulnerability], 13 are [ranked | Vulnerability-related.DiscoverVulnerability] as high impact.