Both ASUS and Cisco promises consumers and partners in Nordic to solve security fixes against a back door that was recently discovered in several of both companies routers sold in Nordic. But routers from other vendors will be affected and at least it is not known today if ASUS and Cisco has concrete plans to remove the back door from all future and earlier sold models. Partners and consumers have to stay in touch with both vendors for these security issues. Cisco has confirmed that the back door exist in certain editions of routers and access points with product number RVS4000 , WRVS4400N or WAP4410N. Cisco writes that an attacker via the back door can obtain root access and execute arbitrary commands on the underlying operating system. Cisco pledging a security for the said products by the end of January.
Now it's not just Cisco products are affected. A number of Netgear and Linksys products, as well as a couple of products from smaller suppliers will also be affected. Linksys was previously owned by Cisco, but was sold to Belkin last year .Neither Netgear or Linksys / Belkin seems to have come with ( readily available ) information about the back door . However, Asus will be in the process of rolling out a security to a number of routers. This update is not related to the back door as mentioned above, but involves a risky default settings related to FTP. If the user creates an FTP server on the router, the default setting was one that allows for unlimited access. It has given unauthorized full online access to the files on the USB devices connected directly to the router. The update ensures that the setting is changed so that access is limited.
Inga kommentarer:
Skicka en kommentar