The vulnerabilities exist in Cisco’s RV160, RV160W, RV260, RV260P, and RV260W VPN routers for small businesses. Cisco is rolling out fixes for critical holes in its lineup of small-business VPN routers. The flaws could be exploited by unauthenticated, remote attackers to view or tamper with data, and perform other unauthorized actions on the routers. The flaws exist in the web-based management interface of Cisco’s small-business lineup of VPN routers. That includes its RV160, RV160W, RV260, RV260P, and RV260W models. VPN routers have virtual private network functionality built directly into them; that means they have firmware that can handle VPN connections in order to establish a secure connection at the hardware level. These specific router models, which range in price from $150 to $250, are purpose-built for small- and medium-sized businesses and are touted as being ideal for remote offices.