Network gear maker Cisco Systems Inc. said it will release firmware updates to plug a backdoor found in two of its routers and a wireless access point that could provide attackers administrative control over the devices.
Cisco said the previously undocumented feature was found in its WRVS4400N Wireless-N Gigabit security router, its RVS4000 4-port Gigabit security router and its WAP4410N Wireless-N access point.
“An attacker could exploit this vulnerability by accessing the affected devices from the LAN-side interface and issuing arbitrary commands in the underlying operating system,” Cisco said in an advisory it issued on its Web site Friday. “An exploit could allow the attacker to access user credentials for the administrative account of the device, and read the device configuration.”
The company said an attacker can also issue arbitrary commands on the device with “escalated privileges.”
Security researcher Eloi Vanderbeken discovered the vulnerability over the Christmas holiday, according to a report from technology publication Networkworld.com.
He said he found that connecting to his Linksys WAG200G allowed a remote user to send unauthenticated commands to the device and reset the admin password. Other users later reported finding the same backdoor on Cisco, Netgear and Belkin devices. In some devices, this type of backdoor can be accessed from the Internet.
Cisco said there are no known workarounds for the vulnerability. It said it will issue a firmware update this month.