Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

WRVS4400N Undocumented Test Interface in Cisco Small Business Devices

Undocumented Test Interface in Cisco Small Business Devices

A vulnerability in the Cisco WAP4410N Wireless-N Access Point, Cisco WRVS4400N Wireless-N Gigabit Security Router, and the Cisco RVS4000 4-port Gigabit Security Router could allow an unauthenticated, remote attacker to gain

root-level access to an affected device.


Cisco will release free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are not available. This advisory is available at the following link: link broken

Is this vunerability accessible from internet (wan) or just lan.

4 REPLIES
Silver

Re: WRVS4400N Undocumented Test Interface in Cisco Small Busines

Hi Dominic,

Yes, the link is broken and I have submitted a request to fix it.  However we just released a fix for the Unauthorized Access Vulnerability in the WAP4410N.

Download the new firmware here: cs.co/6014eZHK

Regards,
Cindy Toy
Cisco Small Business Community Manager
for Cisco Small Business Products
www.cisco.com/go/smallbizsupport
twitter: CiscoSBsupport
twitter: CiscoSmallBiz
Instagram: instagram.com/ciscosmallbiz
Facebook: facebook.com/CiscoSmallBusiness

Regards, Cindy If my response answered your question, please mark the response as answered. Thank you!
New Member

Re: WRVS4400N Undocumented Test Interface in Cisco Small Busines

My query was: this vulnerability affects WRVS4400N. Can this vulnerability be accessed on the WAN side. I have disabled WAN management.  I do not own a WAP4410N.

Gold

Re: WRVS4400N Undocumented Test Interface in Cisco Small Busines

Dominic,

Details

A vulnerability in the Cisco WAP4410N Wireless-N Access Point, Cisco WRVS4400N Wireless-N Gigabit Security Router, and the Cisco RVS4000 4-port Gigabit Security Router could allow an unauthenticated, remote attacker to gain root-level access to an affected device. This vulnerability can be triggered from the LAN interfaces of the Cisco WRVS4400N Wireless-N Gigabit Security Router and the Cisco RVS4000 4-port Gigabit Security Router from the wireless LAN (WLAN) and the LAN interfaces of the Cisco WAP4410N Wireless-N Access Point.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140110-sbd

- Marty

New Member

Re: WRVS4400N Undocumented Test Interface in Cisco Small Busines

mpyhala

Thanks for the answer.

I checked wrvs4400n support page and found a new firmware but I do not understand the condition for downloading. I am a home user, live and use the router in Canada. What are my obligation?

468
Views
0
Helpful
4
Replies
CreatePlease login to create content