Security researchers have reported a vulnerability in the web server code of Cisco’s main router operating system.
The flaw affects Cisco’s Internetwork Operating System (IOS) used in the majority of Cisco’s routers and switches.
Armed with only the IP address of the router, the flaw potentially allows remote attackers to gain administrative control of a router or run arbitrary code on networks.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
The threat has been reported by both the Secunia and SecurityFocus internet security firms.
Using the opening, attackers can potentially view the data of a router’s memory, otherwise known as a memory dump. This can be used to gain administrator privileges.
Only Cisco routers running on IOS HTTP server software are affected. IOS HTTP is used as a less complicated way to implement and manage Cisco routers, as it is an alternative to text-based command line instructions.
Cisco routers with IOS software versions 11.0 and higher are vulnerable, as they ship with the HTTP server software.
The HTTP server feature is not enabled by default in most IOS versions installed on routers, although companies may find that their reseller or integrator has switched on the software.
Cisco says it is aware of the potential threat and is considering whether to issue a patch.