Reply to post:

Miscreants sweep internet for unpatched Cisco kit, fears over bugged Chinese parts, Roger Stone nabbed...

sanmigueelbeer Silver badge
Thumb Down

You don't have to be authenticated, you just have to be able to reach the router's web-based management portal.

I would expect this kind of sh1tty code (easily exploitable) and wrapped in an equally cheap-n-nasty IoT product from some eastern Asian country.

I was not expecting this sort of code exploit to be in an expensive product made by a multi-billion dollar company called Cisco. Makes me think out aloud if Cisco actually sub-contracted the code from some the same east Asian country (and not bother checking)?

Another thing, Cisco own Talos. So Cisco (and Talos) didn't bother checking on their own product and it took an outside security firm to spot this?

Is it April 1 already?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021