At the turn of the year the security expert Eloi Vanderbeken frightened Internet users with his discovery of the router backdoor in port 32764. The network specialist Cisco now speaks and confirms, for the first time, security gaps for the devices RVS4000, WRVS4400N, WRVS4400N and WAP4410N. Via the port 32764, it is possible to start non-documented services via the Internet and to be able to read passwords and other data.
According to Cisco, the above Internet devices are prone to the security gap. RVS4000, WRVS4400N, WRVS4400N and WAP4410N listen on the 32764 port for commands that can be fed via the Internet, depending on the model. Through a so-called "root-level access", cybercriminals can get full control over the respective router as well as the connected network.
In our message about Port 32764 we described how to check a vulnerability of your router. Affected users can also test an existing Internet access to the gateway by performing a scan of port 32764, for example. If this happens, follow these steps: Change the access password for your router and look for firmware updates or security patches on the vendor's website.
Cisco reports in the corresponding security contribution to Port 32764 that there is no workaround for a corresponding, existing security problem. In January, the manufacturer promises to download a new firmware update to close the gap. On github.com, Vanderbeken has published a list of routers that you should be aware of in order to learn about potential hazards with your hardware.
No comments:
Post a Comment