ID: IRCNE2014012067
Date: 2014-01-13
According to “ZDNet”, Networking giant Cisco has disclosed, but not yet patched, a LAN-based backdoor in several small business networking products. At attacker exploiting this vulnerability through the LAN interface could access user credentials for the administrator account of the device and the device configuration or issue arbitrary commands on the device with escalated privileges.
The affected products are:
Cisco RVS4000 4-port Gigabit Security Router running firmware version 2.0.3.2 and prior
Cisco WRVS4400N Wireless-N Gigabit Security Router hardware version 1.0 and 1.1 running firmware version 1.1.13 and prior
Cisco WRVS4400N Wireless-N Gigabit Security Router hardware version 2.0 running firmware version 2.0.2.1 and prior
Cisco WAP4410N Wireless-N Access Point running firmware version 2.0.6.1 and prior
Cisco says that "[N]o other Cisco products are currently known to be affected by these vulnerabilities."
The vulnerability results from "an undocumeted test interface in the TCP service listening on port 32764...".
Cisco plans to release fixed software for the affected devices by the end of January 2014. There are no known workarounds for the problem.
- 3