Cisco patches backdoor in WAP4410N Wireless-N Access Point

Cisco patches backdoor in WAP4410N Wireless-N Access Point

Summary: Cisco has released the first of three firmware fixes to small business networking products that are vulnerable to complete compromise.

The Cisco WAP4410N Wireless-N Access Point

Cisco has issued updated firmware for the WAP4410N Wireless-N Access Point, a popular wireless device for small business. The company disclosed a severe vulnerability in it and other Cisco small business products earlier this month. An attacker exploiting this vulnerability through the LAN interface can access user credentials for the administrator account of the device and the device configuration or issue arbitrary commands on the device with escalated privileges.

The other affected products are:

Firmware updates for these other products are still forthcoming. Cisco had promised to release fixed software for the affected devices by the end of January 2014. There are no known workarounds for the problem.

Cisco says that "[N]o other Cisco products are currently known to be affected by these vulnerabilities."

The vulnerability was disclosed by Eloi Vanderbeken on his github page, where he also provided exploit code.

Topics: Security, Cisco, Networking

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • no, just login+password changed

    "The Recent Update By The apple i.e. IOS7 has a Back-door By NSA they can locate your iphone anytime and can track your calls and do anything they want Full "

    so they just changed login data, don't trust any US company talking about privacy due to secret law and court FISC in the USA

    the USA can not be trusted at all
    Jiří Pavelec
    • Where'd that iOS 7 claim come from?

      I have a very hard time believing it
      Larry Seltzer
      • From the Heart of his Bottom

        That is where most of these foil hat guys get their information.
  • Other routers were affected as well

    Click the link "on his github page" then the "issue 61" link under "Possible Fixes" for a list of other routers affected, which also lists some routers tested which were NOT affected.