A fabricante Cisco, uma das maiores empresas de tecnologia da informação divulgou em seu site alguns produtos que contem BackDoor não "documentado".
Os equipamentos vulneráveis são: Cisco WAP4410N Wireless-N Access Point, Cisco WRVS4400N Wireless-N Gigabit Security Router e Cisco RVS4000 4-port Gigabit Security Router.
This vulnerability is due to an undocumented test interface in the TCP service listening on port 32764 of the affected device. An attacker could exploit this vulnerability by accessing the affected device from the LAN-side interface and issuing arbitrary commands in the underlying operating system. An exploit could allow the attacker to access user credentials for the administrator account of the device, and read the device configuration. The exploit can also allow the attacker to issue arbitrary commands on the device with escalated privileges
Divulgação: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140110-sbd
Exploit: https://github.com/elvanderb/TCP-32764
Nenhum comentário:
Postar um comentário
Todos os comentários serão previamente avaliados pelos administradores. Obrigado.