back to article Cisco inferno: Networking giant reveals three 10/10 rated critical router bugs

Cisco has revealed five critical bugs, three of them rated 10/10 on the Common Vulnerability Scoring System, that impact four of its router families aimed at small businesses. And it only has patches available for two of the affected ranges. The flaws impact the RV160, RV260, RV340 and RV345 products, all of which can be …

  1. Pascal Monett Silver badge
    Big Brother

    "the boxes can also be made to create DDoS attacks"

    So, no National Security issues here ?

    Of course not, it's Cisco, not Huawei. We're safe.

    Move along, citizen, move along.

    1. TeeCee Gold badge
      Meh

      Re: "the boxes can also be made to create DDoS attacks"

      The crucial difference is that yer shifty foreign bastards have to find the holes in order to use them, rather than being told exactly what to do by the manufacturer (and how the new ones work when the old ones are found by someone else and have to be patched).

      At least you're making the sods work for their intel.

    2. elaar

      Re: "the boxes can also be made to create DDoS attacks"

      You're never safe.

      But to be fair, we used to report about a dozen bugs/vulns a week to Huawei UK.

  2. Paul Crawford Silver badge

    "Cisco inferno"

    Brilliant!

  3. Martin an gof Silver badge

    Being asked to do ad hoc tech support for friends and family is never fun. Might this triple dose of perfectly critical trouble be the moment to offer counsel?

    Ok, hands up anyone who has "friends and family" running Cisco gear?

    Anyone?

    M.

    1. jollyboyspecial

      Here's a hand for you

    2. Down not across

      Umm some... but not as many as while back. The cheap(ish) second hand routers don't really cope with broadband speeds without choking the CPU. Many are now happy runnin OPNsense on PC engine's APU.

      1. Snake Silver badge

        Re: cheapish Ciscos

        This. The network my boss had his sysop relative build for us (without consulting me) "featured" a RV110W.

        In all its 4-port, 10/100 Ethernet & 2.4gHz 802.11abn glory.

        2.4gHz N. Just the thing for no inference high speed Wi-Fi inside a dense, multistorey office building.

        All that glorious power...in 2013!

        /s

        Stuck working with it for 5 years, it did not receive a SINGLE firmware update beyond 2014 during that time (I just looked: they finally updated the firmware in 2020, only 1 short year after it was discontinued!).

        ....

        "Goodbye and good riddance" were my only parting words to it.

    3. Anonymous Coward
      Anonymous Coward

      Nah. Moved to Huawei.

      :)

      1. Anonymous Coward
        Anonymous Coward

        我们知道,谢谢,我们很感激

  4. Anonymous Coward
    Trollface

    Why not?

    Can't the NSA just push the patches through their backdoor?

    1. amanfromMars 1 Silver badge

      Re: Why not?

      Can't the NSA just push the patches through their backdoor? ....HildyJ

      The fact that they [NSA] can’t, or if we be generous and suggest that they won’t, tells one and all everything they need to know about the impotence of the NSA in such fields of virtual endeavour which some systems would claim to be of a vital nature for the exclusive success of their business.

      No shades of grey in that revelation which is more than just suggesting that unholy emperor [NSA] has no clothes.

    2. Anonymous Coward
      Anonymous Coward

      Re: Why not?

      Can't the NSA just push the patches through their backdoor?

      Why would they want to lock themselves out?

      1. Anonymous Coward Silver badge
        Facepalm

        Re: Why not?

        No, because they'd install new backdoors at the same time.

    3. elaar

      Re: Why not?

      Assuming that every Cisco router is accessible via public addressing? I'd say that about 95% are on MPLS or similar.

      1. IGotOut Silver badge

        Re: Why not?

        These are aimed at small businesses. Every chance they are on the malware infested bog standard isp's connection.

  5. Down not across

    "fixed software is yet to arrive for some models"

    fixed software is yet to arrive for some models

    I'm suprised fixes for any exist. Historically cisco seems to have had zero interest in fixing any issues with the crappy RV series. I suppose 10/10 CVE makes an exception.

    Tried few RV series kit and they were atrocious. no stability. Random freezes/crashes, etc (and I wasn't even trying to push them hard). Cisco's forums revealed all the issues were common and cisco showed no interest in fixing issues.

    1. train_wreck

      Re: "fixed software is yet to arrive for some models"

      Agree wholeheartedly on your description of the RV series being awful, at least the earlier ones were. Part of the reason they sucked so bad was because some models were holdovers from the Linksys acquisition, and yes it appeared Cisco had zero interest touching them. God what a fiasco those few years were...

      The 340/345 are newer ~2015 hardware, and in my experience they weren't terrible, although for sure had bugs that never got fixed. I recall getting decent performance out of them, something like 500mbps IPsec and gigabit NAT. I think the hardware was Cavium based, but I'm not 100 percent on that. As a product line they seem on their way out....

  6. Fred Daggy Silver badge
    Big Brother

    I am guessing that the "enemy du jour" found out the NSAs backdoor, and so now they are patching it. Time for NSA to use backdoor B.

  7. Anonymous Coward
    Anonymous Coward

    Better performance....but who benefits?

    Quote: "Networking giant reveals three 10/10 rated critical router bugs"

    Now....since these "features" were probably bought and paid for by a secretive organisation in Fort Meade, MD, one has to ask the obvious question....

    Why would Cisco reveal them now?

    Perhaps because the patches will install improved "features"?

    I think we should be told!!

    1. stiine Silver badge
      Pint

      Re: Better performance....but who benefits?

      Damn, And I thought I was cynical...

  8. Will Godfrey Silver badge
    Coat

    How is this 'news'

    Title says it all.

  9. IGotOut Silver badge

    Here is a bug fix....

    .... but you should really paying us for this. How about a nice Meraki set up?

    1. The Dark Side Of The Mind (TDSOTM)

      Re: Here is a bug fix....

      Meraki is all nice and cozy until you get the bill(s). And they get you by the ovoids with licensing their dashboard... at least yearly.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like