Categories
Cell Phones
Cell Phone Accessories
Tablet PC
Tablet Accessories
iPhone Accessories
Samsung Accessories
Others

Cisco refers to backdoor in some small business routers

2014-03-21  |  Comebuy News

Cisco has pointed out a back door into some of its network products for small and medium-sized enterprises (SMEs). You could allow an attacker to gain root access to the affected small-business devices and to read the configuration thanks to extended rights or execute arbitrary commands. The vulnerability can be exploited via the LAN interface of the RVS4000 and WRVS4400N router models, as well as the Wi-Fi access point WAP4410N.

Also the Germany-available WLAN access point WAP4410N has the back door (image: Cisco).

The vulnerability results from "an undocumented test interface in the TCP service that listens on port 32764" Cisco according to. The backdoor was discovered by Eloi Vanderbeken has published an exploit code on its Github page.

"Cisco RVS4000 4-Port Gigabit Security router" with firmware versions are specifically affected by 2.0.3.2, "Cisco WRVS4400 Wireless-N Gigabit Security router" in the hardware versions 1.0, 1.1 and 2.0 firmware 1.1.13 respectively 2.0.2.1 or earlier as well as "Cisco WAP4410N Wireless-N Access point" with firmware 2.0.6.1 or older. "No other Cisco products are affected according to current otherwise by these vulnerabilities", emphasizes the manufacturer.

All vulnerable devices are Cisco, not Linksys brand products. Until March 2013, Cisco was the owner of Linksys before it sold the Division to Belkin.

Cisco promises a software update by the end of January, which should remove the backdoor for all affected devices. There is no a workaround so far.

[with material by Larry Seltzer, ZDNet.com]

Tip: How safe are you in security? Check your knowledge - with 15 questions on silicon.de

« Back