Backdoor exposed in Cisco small business devices

Backdoor exposed in Cisco small business devices

Summary: Several Cisco small business networking products have an undocumented "test interface" which could allow a LAN-based user to gain root access. Public exploit code is available.


Networking giant Cisco has disclosed, but not yet patched, a LAN-based backdoor in several small business networking products. At attacker exploiting this vulnerability through the LAN interface could access user credentials for the administrator account of the device and the device configuration or issue arbitrary commands on the device with escalated privileges.

The affected products are:

Cisco says that "[N]o other Cisco products are currently known to be affected by these vulnerabilities."

The vulnerability results from "an undocumeted test interface in the TCP service listening on port 32764..." The vulnerability was disclosed by Eloi Vanderbeken on his github page, where he also provided exploit code.

Cisco plans to release fixed software for the affected devices by the end of January 2014. There are no known workarounds for the problem.

Note: These are Cisco-branded, not Linksys products. Cisco owned Linksys until March, 2013, but it is now owned by Belkin.

Topics: Security, Cisco, Networking

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Remember people...

    ..even though these routers are based on a *NIX operating system, it is the firmware written by Cisco and not the operating system that has been compromised.

    Yours truly, every freetard hive-protector.
    • Linux is BROKE!