Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

RoHe

12 Elder

 • 

45.2K Posts

 • 

172.6K Points

37228

July 18th, 2014 14:00

Cisco WiFi router security issue

A flaw in Cisco's consumer-grade router security might leave Wi-Fi exposed. The following products may be at risk:

  • Cisco DPC3212 VoIP Cable Modem
  • Cisco DPC3825 8x4 DOCSIS 3.0 Wireless Residential Gateway
  • Cisco EPC3212 VoIP Cable Modem
  • Cisco EPC3825 8x4 DOCSIS 3.0 Wireless Residential Gateway
  • Cisco Model DPC3010 DOCSIS 3.0 8x4 Cable Modem
  • Cisco Model DPC3925 8x4 DOCSIS 3.0 with Wireless Residential Gateway with EDVA
  • Cisco Model DPQ3925 8x4 DOCSIS 3.0 Wireless Residential Gateway with EDVA
  • Cisco Model EPC3010 DOCSIS 3.0 Cable Modem
  • Cisco Model EPC3925 8x4 DOCSIS 3.0 with Wireless Residential Gateway with EDVA

Hackers can use a "buffer overflow" that overrides your router's log-in screen. The exploit allows access to your router's administrator panel without a username or password.

Cisco says there are no known workarounds at this time...

ky331

5 Journeyman

 • 

15.6K Posts

 • 

45K Points

July 18th, 2014 17:00

More information, from http://nakedsecurity.sophos.com/2014/07/17/cisco-warns-of-big-remote-management-hole-in-tiny-routers/

They maintain there IS a workaround:  to turn off Remote Management... in which case, "only users already connected to your network from the inside can get at the buggy web server, greatly reducing your risk".

joe53

2 Intern

 • 

5.8K Posts

 • 

17.3K Points

July 18th, 2014 19:00

I have an ISP-provided Cisco DPC3825 wireless gateway, so this is not good news.

I called my ISP about this, and they claimed no knowledge of any problem (typical).

Using the nakedsecurity link provided by ky331, I was able to access the Administration, but not the Management page to disable "Remote Management". My ISP tells me this is by design, as they don't want customers messing with their router configuration, for their own protection. I cannot believe such arrogance, where my ISP is controlling my router/modem  settings.

:emotion-39:

RoHe

12 Elder

 • 

45.2K Posts

 • 

172.6K Points

July 19th, 2014 19:00

I have an ISP-provided Cisco DPC3825 wireless gateway, so this is not good news.

I called my ISP about this, and they claimed no knowledge of any problem (typical).

Using the nakedsecurity link provided by ky331, I was able to access the Administration, but not the Management page to disable "Remote Management". My ISP tells me this is by design, as they don't want customers messing with their router configuration, for their own protection. I cannot believe such arrogance, where my ISP is controlling my router/modem  settings.

:emotion-39:

Sounds like you need a different brand router (assuming the problem doesn't extend beyond Cisco) AND a new ISP, if that's possible.

Will these idiots ever learn about protecting our security? - Rhetorical question

joe53

2 Intern

 • 

5.8K Posts

 • 

17.3K Points

July 19th, 2014 19:00

Sounds like you need a different brand router (assuming the problem doesn't extend beyond Cisco) AND a new ISP, if that's possible.

Ron, it's a long story. Until recently I had a Motorola Surfboard modem over which I had full control, but it died on me.

I'm in the process of moving, and will be dumping my current ISP and their miserable gateway ASAP. Can't wait! I just hope I survive the interim.


ky331

5 Journeyman

 • 

15.6K Posts

 • 

45K Points

July 21st, 2014 04:00

According to this, "Cisco has released free software updates that address this vulnerability":  http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/ciscosa-20140716-cm 

Now, you just have to sift through all the gobbledygook to figure out how to obtain them :emotion-5:   (I did not pursue further details/implementation, since I don't have a Cisco router.)

Was this post helpful?

View All

0 events found

No Events found!

Top