SOHO CISCO Wireless Kits are under Threat Once Again! No Update is available!

According to a report of Security Expert “Samuel Huntley”, Three CISCO Wireless kits are vulnerable to a major security issue. The vulnerability is available in the web interfaces of affected Wireless Kits. This vulnerability is allowing hackers to do remote attacks on it, by sending specially crafted HTTP requests. Hackers could work as root and may execute malicious codes in the devices.

What is the Vulnerability?

Improper management of HTTP user-supplied input is its main reason. Hackers could send a specially crafted HTTP request through the device. Hackers could gain privileges of root and can execute malicious codes and scripts in the devices to conduct a remote hack, with the help of an exploit. If they have access of the device, they could conduct many other remote attacks too. Users may face a huge loss. Hackers could steal the session authentication cookies from user’s system. By doing this they could use services on the behalf of victim.

Which Devices are Vulnerable?

Security Researchers and network engineers are saying that, SOHO Devices as worst network devices at the moment. According to them, the devices of SOHO are not properly configured and very poorly protected. Your little mistake may lead you to a huge risk. A number of Firmware vulnerabilities in SOHO devices have already been discovered by researchers. The exploits of these vulnerabilities are also available on the Internet. Hackers are taking advantage of their exploits. If you are using products of SOHO Cisco’s products, keep them up to date. Hackers are taking advantage of their exploits:

RV215W Wireless-N VPN Router

RV110W Wireless-N VPN Firewall

RV130W Wireless-N Multifunction VPN Router

Response of CISCO?

Not a single update has been released by company to fix this vulnerability. They are still working on it. May be they will release updates in the third quarter of this year. CISCO will release updates after few months in following order:

Release 1.3.0.8., For the Cisco RV215W Wireless-N VPN Router

Release 1.2.1.7; For the Cisco RV110W Wireless-N VPN Firewall

Release 1.0.3.16; For the Cisco RV130W Wireless-N Multifunction VPN Router

Some Security Tips for Users

If you are using any of the above vulnerable wireless kit, you may disable the remote management feature on your device. It will help you to protect your network from remote hacks.

Click on:

Basic Settings> Remote Management

From here, you could uncheck the Enable check box, to disbale this feature.