Cisco has fixed various software vulnerabilities rated high and medium and has updated carelessly developed router firmware. Updates are available, and Cisco customers should install them quickly. A prompt update to the latest firmware versions is particularly advisable for owners of the affected routers: the new versions fix further potential security risks, which Cisco describes in separate advisories.
An appropriately filtered search query returns an overview of all security advisories as well as informational advisories for the router firmware on the Cisco website. The relevant versions and the corresponding update notes can be found in the advisories.
Researchers have now discovered a way to install backdoors on some models of Cisco's business routers. Given how routers are usually treated, this could go undetected for a long time. The concept of the attack looks simple, but in reality it is quite complex: if the perpetrator gains access to a vulnerable router, he can upload modified firmware, and as soon as he has remote access to the device, he can install plugins and compromise the device further.
Careless Firmware Development
The informational advisories mentioned above describe careless work by the teams developing the firmware for the small business routers RV016, RV042 and RV320. External security researchers discovered the shortcomings and reported them to Cisco. Apparently, the firmware code contained a static host key as well as several static certificates and key pairs, which had been used for test purposes and were left in the firmware when it shipped. However, Cisco emphasizes that these relics were no longer used in live operation. Cisco does not seem to see any great danger, since the firmware does not use /etc/shadow for user authentication. An attacker with access to the operating system of affected devices could theoretically have obtained root rights in this way; however, the company knows of no way in which an attacker could have obtained this operating system access.
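A check for the kind of leftover described above, as an added example that is not Cisco's or the researchers' code: it fingerprints PEM-encoded keys and certificates in two unpacked firmware images and reports private keys that are identical in both, which is what makes them static. It assumes the images are already unpacked and covers PEM material only; the file paths and key bodies in the sample data are constructed placeholders.

```python
import hashlib
import os
import re

# Matches PEM blocks such as "RSA PRIVATE KEY" or "CERTIFICATE".
PEM_RE = re.compile(rb"-----BEGIN ([A-Z0-9 ]+)-----(.+?)-----END \1-----", re.DOTALL)

def find_pem_blocks(data):
    """Return (label, SHA-256 of the whitespace-stripped body) per PEM block."""
    return [(m.group(1).decode(),
             hashlib.sha256(b"".join(m.group(2).split())).hexdigest())
            for m in PEM_RE.finditer(data)]

def load_tree(root):
    """Read an unpacked firmware root filesystem into {relative path: bytes}."""
    files = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            if os.path.isfile(full) and not os.path.islink(full):
                with open(full, "rb") as fh:
                    files[os.path.relpath(full, root)] = fh.read()
    return files

def scan_image(files):
    """Map fingerprint -> [(path, label)] for all PEM material in one image."""
    hits = {}
    for path, data in sorted(files.items()):
        for label, digest in find_pem_blocks(data):
            hits.setdefault(digest, []).append((path, label))
    return hits

def static_private_keys(image_a, image_b):
    """Private keys with the same fingerprint in both images are static."""
    a, b = scan_image(image_a), scan_image(image_b)
    return {d: a[d] + b[d] for d in a.keys() & b.keys()
            if any("PRIVATE KEY" in label for _, label in a[d])}

def pem(label, body, eol=b"\n"):
    """Build a constructed PEM block; bodies below are placeholders, not keys."""
    return b"-----BEGIN " + label + b"-----" + eol + body + eol + b"-----END " + label + b"-----" + eol

# Constructed sample images; paths and contents are hypothetical.
IMAGE_A = {"etc/ssh/host_key": pem(b"RSA PRIVATE KEY", b"U1RBVElDLUtFWQ=="),
           "etc/ssl/web.key": pem(b"PRIVATE KEY", b"REVWSUNFLUE="),
           "etc/ssl/ca.crt": pem(b"CERTIFICATE", b"Q0EtQ0VSVA==")}
IMAGE_B = {"etc/ssh/host_key": pem(b"RSA PRIVATE KEY", b"U1RBVElDLUtFWQ==", b"\r\n"),
           "etc/ssl/web.key": pem(b"PRIVATE KEY", b"REVWSUNFLUI="),
           "etc/ssl/ca.crt": pem(b"CERTIFICATE", b"Q0EtQ0VSVA==")}
```

On real images, call `static_private_keys(load_tree(dir_a), load_tree(dir_b))` with two unpacked root filesystems; the shared CA certificate in the sample is deliberately not reported, because only reused private keys are flagged.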