Cisco ‘Test Interface’ exploit discovered in routers

There’s a severe vulnerability in a number of Cisco routers that may give an attacker root level entry. The exploit is a result of a backdoor within the routers which was setup as a test interface, and Cisco doesn’t yet have patches offered to repair it.

Cisco stated the vulnerability is “an undocumented test interface” that affects Cisco WAP4410N Wireless-N Access Point, Cisco WRVS4400N Wireless-N Gigabit Security Router and it might be utilized by a remote attacker to grab administrator credentials from the vulnerable router and then run arbitrary commands.

“This vulnerability can be triggered from the LAN interfaces of the Cisco WRVS4400N Wireless-N Gigabit Security Router and the Cisco RVS4000 4-port Gigabit Security Router from the wireless LAN (WLAN) and the LAN interfaces of the Cisco WAP4410N Wireless-N Access Point,” the Cisco advisory mentioned.

The current products affected:

•  Cisco RVS4000 4-port Gigabit Security Router running firmware version 2.0.3.2 and prior
• Cisco WRVS4400N Wireless-N Gigabit Security Router hardware version 1.0 and 1.1 running firmware version 1.1.13 and prior
• Cisco WRVS4400N Wireless-N Gigabit Security Router hardware version 2.0 running firmware version 2.0.2.1 and prior
• Cisco WAP4410N Wireless-N Access Point running firmware version 2.0.6.1 and prior

“This vulnerability is due to an undocumented test interface in the TCP service listening on port 32764 of the affected device. An attacker could exploit this vulnerability by accessing the affected device from the LAN-side interface and issuing arbitrary commands in the underlying operating system. An exploit could allow the attacker to access user credentials for the administrator account of the device, and read the device configuration. The exploit can also allow the attacker to issue arbitrary commands on the device with escalated privileges.”

The wireless routers that may contain the vulnerability are all near end of life, but Cisco still intends to issue patches for them. The corporation declared it’ll release the firmware versions by the end of January.