In December 2013, security researcher Eloi Vanderbeken found a backdoor in combination DSL modem / wireless router devices manufactured by Taiwanese ODM Sercomm that allows attackers to reset the configuration of the device to factory default, as well as providing access to a command-line shell to activate wireless administrative access or reset passwords, among other possibilities. This issue was unceremoniously patched by Sercomm, and the vendors of the affected devices, Netgear, Cisco/Linksys, and Diamond, published updates for the hardware to remove the vulnerability. But this did not remove the vulnerability. Originally, the vulnerability was moderately transparent: the router would listen for messages on TCP 32764. While crafted attacks were possible, as there is a rather feature-complete shell available, brute force would result in the router simply being reset, alerting the owner that something is going on. Note that not all devices affected by this bug required the attacker to … [Read more...] about Faulty Sercomm router patch leaves backdoor intact
Wrvs4400n
Cisco promises to fix admin backdoor in some routers
Cisco Systems promised to issue firmware updates removing a backdoor from a wireless access point and two of its routers later this month. The undocumented feature could allow unauthenticated remote attackers to gain administrative access to the devices. The vulnerability was discovered over the Christmas holiday on a Linksys WAG200G router by a security researcher named Eloi Vanderbeken. He found that the device had a service listening on port 32764 TCP, and that connecting to it allowed a remote user to send unauthenticated commands to the device and reset the administrative password. It was later reported by other users that the same backdoor was present in multiple devices from Cisco, Netgear, Belkin and other manufacturers. On many devices this undocumented interface can only be accessed from the local or wireless network, but on some devices it is also accessible from the Internet. Cisco identified the vulnerability in its … [Read more...] about Cisco promises to fix admin backdoor in some routers
Cisco confirms undocumented backdoor
On January 10th, Cisco confirmed an undocumented backdoor in several of their small business routers which "could allow an unauthenticated, remote attacker to gain root-level access to an affected device." The details: This vulnerability is due to an undocumented test interface in the TCP service listening on port 32764 of the affected device. An attacker could exploit this vulnerability by accessing the affected device from the LAN-side interface and issuing arbitrary commands in the underlying operating system. An exploit could allow the attacker to access user credentials for the administrator account of the device, and read the device configuration. The exploit can also allow the attacker to issue arbitrary commands on the device with escalated privileges. Cisco indicated that they will be releasing free updates for the affected product. I have to admit that I can't help but laugh when I read their official title for this one, "Undocumented Test Interface in Cisco Small … [Read more...] about Cisco confirms undocumented backdoor