The program, Cisco Global Exploiter, targets vulnerabilities in the Cisco Internetwork Operating System (IOS) and Catalyst products.
Reports suggested that the code, published on a website based in Italy, appears to give hackers a menu of choices, depending on the system they are trying to break into.
Cisco said that because IOS is widely deployed, "it is a focus for exploitative efforts by certain underground communities".
Graham Titterington, principal analyst at Ovum, warned users that, "Networks are so large that there will inevitably be holes." He advised firms to protect assets such as servers, desktops and personal digital assistants, rather than rely solely on perimeter-based security such as firewalls.
Phil Cracknell, chief technology officer at supplier netSurity, said, "Cisco has a lot of problems with users not being up-to-date with IOS." Organisations often forget the router when updating IT security, he said.
"When I conduct penetration testing, the router always comes up as an area to fix," Cracknell added. Part of the problem is poor router configuration, particularly in terms of access control lists (ACLs) that control which IP ports are open to network traffic.
"Users are not implementing ACLs [in the router configuration]," he said. According to Cracknell, an ACL could avoid attacks on ports 137/8/9, which have been under pressure recently. He said firewalls were far more effective if users filtered network traffic at the router first.
Mike Caudill, customer support engineer at Cisco Systems, said users should not panic. "Cisco focuses its efforts on helping to inform and protect its customers and has established processes and mechanisms to communicate with them on these sorts of issues."