
Cisco under attack, again.


L&LD

From what I can tell it is not related to Cisco small business networking gear. It relates to a web interface on the front end of the network. I think turning off the web interface on the internet device is a workaround.

I don't believe Cisco has any currently supported small business routers so it is a non-issue for me.
 
> From what I can tell it is not related to Cisco small business networking gear. It relates to a web interface on the front end of the network. I think turning off the web interface on the internet device is a workaround.
>
> I don't believe Cisco has any currently supported small business routers so it is a non-issue for me.

It's devices that run IOS XE - and it's the WebUI...

There's a privilege escalation bug that allows the attacker to create a new local user account - the exploit drops in a web implant, but that implant is not persistent, so a reboot can clear it - the local user account still exists however.

Depends on the environment - most gear of this type has the management interface segregated out on a management VLAN, so someone on the production LAN/VLAN wouldn't have access to the WebUI in any case.

But... some folks are not quite as aware, so the WebUI may be accessed on the regular network.

Unfortunately, there are some IOS XE platforms that are internet accessible, and this is why the Severity Level is what it is...
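
The check the posts above point to, as an added example that is not part of the original thread or any Cisco tooling: it reads a saved IOS XE running-config and flags an enabled WebUI and any local account missing from an approved list, since the account outlives the reboot that clears the implant. The sample config, usernames and allowlist are constructed; the default privilege of 1 for a `username` line without a `privilege` keyword is an assumption noted in the code.

```python
import re

# Constructed sample of an IOS XE running-config (not from a real device).
SAMPLE_CONFIG = """\
hostname edge-rtr-01
!
username netadmin privilege 15 secret 9 $9$constructed
username backup-svc secret 9 $9$constructed
username tmp_user01 privilege 15 secret 9 $9$constructed
!
ip http server
ip http secure-server
!
end
"""

# "ip http server" / "ip http secure-server" serve the WebUI; "no ..." disables it.
HTTP_RE = re.compile(r"^(no\s+)?ip http (server|secure-server)[ \t]*$", re.M)
# Local accounts; the privilege keyword is optional.
USER_RE = re.compile(r"^username\s+(\S+)(?:\s+privilege\s+(\d+))?", re.M)


def audit_config(config_text, approved_users):
    """Return (kind, detail) findings for WebUI exposure and unapproved users."""
    findings = []
    for negated, service in HTTP_RE.findall(config_text):
        if not negated:
            findings.append(("webui-enabled", f"ip http {service}"))
    for name, priv in USER_RE.findall(config_text):
        if name not in approved_users:
            # Assumption: no privilege keyword means the default level, 1.
            level = int(priv) if priv else 1
            findings.append(("unapproved-user", f"{name} (privilege {level})"))
    return findings


if __name__ == "__main__":
    # Hypothetical allowlist taken from the site's own account inventory.
    for kind, detail in audit_config(SAMPLE_CONFIG, {"netadmin", "backup-svc"}):
        print(f"{kind}: {detail}")
```

Run it against a config saved after the reboot as well as before: the WebUI findings show exposure, and the user findings show what a reboot alone does not remove.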
 
