Panic At The Cisco! Five New Bugs, Three Of Which Are Perfect 10’s

Source: The Register Panic At The Cisco!  Five New Bugs, Three Of Which Are Perfect 10’s

Some Security Patches For Your Cisco Routers … No Not Yours, Just Those Other Ones

Cisco decided to give us a great start to the week by providing details on five critical bugs affecting four models of routers, of which three bugs are of the highest severity.  The problem isn’t so much that they notified us, the issue lies in the fact they have yet to offer patches for two of the four effected models.

The specific routers are the RV160, RV260, RV340 and RV345 and if you have any of the latter two on your network you should apply the security patches.  If you are running a RV160 or RV260 then so far the advice is to turn them off and hurry up and wait.  The three top rated vulnerabilities cover it all, with remote code execution, privilege escalation and command injection all currently possible.  These are all possible to achieve without physical access to your hardware, all can be done via HTTPS or submitting commands over the network.

According to a report The Register saw, there are “at least 8,400 publicly accessible” Cisco routers which are not patched against these flaws, but the good news is that though the proof of concepts exist security firm Tenable’s Shodan scan showed no sign of exploits posted to the usual repositories.

If that's not enough to worry about, the boxes can also be made to create DDoS attacks.

Video News

About The Author

Jeremy Hellstrom

Call it,, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.

Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!