Backdoor Discovered in Cisco Small Business Routers

According to a blog post from Cisco, a titan of personal and professional networking hardware in the industry, several routers and switches designed for small business are vulnerable to a backdoor technique that was first discovered in D-Link routers nearly a month ago.

By exploiting the LAN interface in the options menu, an attacker can fake his credentials and gain access to the internal settings of the router without any proper identification or password input beforehand. Unearthed by Eloi Vanderbeken on github, the crack supposedly only affects a small subset of switches made for their Small Business line of products.


The models in question are:

Cisco expects they will have patched updates ready for the devices by the end of January, but until then you can use any of our simple tutorials to install a custom firmware like DD-WRT or Tomato to protect yourself and your small business network.