Submission + - Serious Vulnerabilities Found in Popular Cisco Home Wireless Routers
Trailrunner7 writes: A handful of vulnerabilities have been identified in the Cisco Linksys EA2700 Network Manager N600 Wireless-N routers, which has been on the market a little more than a year, and is a popular choice not only for home users, but for small businesses.
Pen-tester and researcher Phil Purviance, who has presented similar research at security industry events, reported his findings to Cisco on March 5. No patches are available yet.
His research looked at the administration features on the embedded management website. The vulnerabilities he found range in severity and simplicity to exploit.
A cross-site scripting bug was found on the router’s apply.cgi that works regardless of authentication and would allow an attacker to access the device, change settings or upload modified firmware.
Pen-tester and researcher Phil Purviance, who has presented similar research at security industry events, reported his findings to Cisco on March 5. No patches are available yet.
His research looked at the administration features on the embedded management website. The vulnerabilities he found range in severity and simplicity to exploit.
A cross-site scripting bug was found on the router’s apply.cgi that works regardless of authentication and would allow an attacker to access the device, change settings or upload modified firmware.