Cisco Systems agreed to remove Edition Firmware updates a rear door of a wireless access point router and two of her later this month.The undocumented feature might not win authenticated attacker administrative access to devices.
The vulnerability was discovered during the Christmas holidays on a Linksys router WAG200G by a security researcher named Eloi Vanderbeken.He found that the device had a service listens on TCP port 32764,and the connection that allows a remote user to send commands without authentication device and reset the administrator password.
By others later reported that same backdoor was present in multiple devices from Cisco,Netgear,Belkin and other manufacturers. In many devices this is not documented interface is accessible only from the local network or WiFi, but on some devices it is also accessible from the Internet.
Cisco identifies the flaw in their WAP4410N Wireless-N Access Point,Wireless -N Gigabit Security Router WRVS4400N and 4- Port Gigabit Router RVS4000 Security.The company is no longer responsible for the Linksys router's consumer division of Belkin since early last year sold.
The vulnerability is caused due to a test interface that can access from the LAN side of the RVS4000 and WRVS4400N router and wireless network device WAP4410N Wi-Fi access point.An attacker could this vulnerability through access to the affected device from the LAN interface and the underlying operating system to use the issue to execute arbitrary commands,Cisco said in a statement released on Friday.An exploit could allow the attacker to access the credentials for the account on the device and read the device settings.
Successful attack allows the attacker to issue arbitrary commands on the device with elevated privileges.
The company said there are no known solutions that could mitigate this vulnerability,in the absence of a firmware update.The SANS Internet Storm Center , a cyber threat monitoring organization , warned earlier this month that she has discovered probes for TCP port 32764 on the Internet, probably targeting this vulnerability.
The vulnerability was discovered during the Christmas holidays on a Linksys router WAG200G by a security researcher named Eloi Vanderbeken.He found that the device had a service listens on TCP port 32764,and the connection that allows a remote user to send commands without authentication device and reset the administrator password.
By others later reported that same backdoor was present in multiple devices from Cisco,Netgear,Belkin and other manufacturers. In many devices this is not documented interface is accessible only from the local network or WiFi, but on some devices it is also accessible from the Internet.
Cisco identifies the flaw in their WAP4410N Wireless-N Access Point,Wireless -N Gigabit Security Router WRVS4400N and 4- Port Gigabit Router RVS4000 Security.The company is no longer responsible for the Linksys router's consumer division of Belkin since early last year sold.
The vulnerability is caused due to a test interface that can access from the LAN side of the RVS4000 and WRVS4400N router and wireless network device WAP4410N Wi-Fi access point.An attacker could this vulnerability through access to the affected device from the LAN interface and the underlying operating system to use the issue to execute arbitrary commands,Cisco said in a statement released on Friday.An exploit could allow the attacker to access the credentials for the account on the device and read the device settings.
Successful attack allows the attacker to issue arbitrary commands on the device with elevated privileges.
The company said there are no known solutions that could mitigate this vulnerability,in the absence of a firmware update.The SANS Internet Storm Center , a cyber threat monitoring organization , warned earlier this month that she has discovered probes for TCP port 32764 on the Internet, probably targeting this vulnerability.
