back to article Got a cheap Cisco router in your home office? If it's one of these, there's an exposed RCE hole you need to plug

Cisco has published patches for critical vulns affecting the web management interface for some of its Small Business Dual WAN Gigabit routers – including a 9.8-rated nasty. The two vulnerabilities affect the RV340, RV345, RV340W, and RV345P products, which are aimed at SMEs and home office setups. Attackers abusing them on …

  1. Mike 137 Silver badge

    "...disabling web admin interface access from non-LAN connections may reduce the risk"

    "web admin interface access from non-LAN connections"??

    Why on Earth would you implement this anyway?

    1. mevets

      Why on Earth?

      Customer wanted feature. PM lacked wherewithal to say no.

  2. sitta_europea

    And I thought electric windows was a silly idea....

  3. Kevin McMurtrie Silver badge

    Self defense?

    My experience with Cisco's RV series is that they barely work. Hackers will need to deal with constant crashes, stalling, and users power cycling the device.

    1. Anonymous Coward
      Anonymous Coward

      Re: Self defense?

      Although not covered by this incident I have a number of RV325's in my flock. I've not had to reboot any on a regular basis, but the web interface is awfully sluggish at the best of times. Given cisco's general lack of support and interest in them, the lack of any 4G dongle that it will recognise, and cisco's lack of support for their own VPN client to give remote access, I've been replacing them over the last couple of years with Drayteks as and when clients will go for it. It's a shame Draytek do not do a half-decent single rack mount box, with dual wan/4G/adsl router and 12-16 port switch. 4 ports on a SOHO router is a joke, and more boxes just adds to the clutter and fault potential.

    2. Down not across Silver badge

      Re: Self defense?

      That is my experience also. I tried couple RV series devices and they were the most unreliable and useless POS. Further research revealed numerous complaints on various forums (including Cisco's own) about issues and Cisco's total unwillingness to address any of them.

      I learnt my lesson and will never touch Cisco's "Small Business" line ever again.

      Back to the original point, I doubt they manage to stay up long enough for anyone to hack them.

  4. David Roberts

    LAN attack?

    If the attacker is already on your LAN for a home office device, aren't you screwed anyway?

  5. Kevster

    Enterprise gear is bad enough.....

    Their enterprise 'security' gear is bad enough... Quite why anyone would buy their SOHO gear is beyond me. This series has had more holes than Roger federer's fondue supply.

    If you are stuck with Cisco for SOHO then at least use Meraki.

  6. newspuppy

    CRIMINAL

    CISCO claims this device is no longer sold in the US.

    https://www.cisco.com/c/en/us/products/routers/rv325-dual-gigabit-wan-vpn-router/index.html

    BUT on amazon.co.uk from the official CISCO store.. they are selling.... probably with old firmware.. :(

    https://www.amazon.co.uk/Cisco-RV325-16-Port-Router/dp/B00I4IUUQY/r

    Not prosecutable.. but .. (in my opinion) CRIMINAL!

  7. FlamingDeath Silver badge

    So it turns out, brand logos which appear in movies as product placements aren’t all they’re cracked up to be.

    Overpriced and underdeveloped

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022