Cisco warns of big remote management hole in tiny routers

Networking giant Cisco is probably best known for its reassuringly expensive enterprise-grade network kit.

But it also sells consumer products, and even little routers can have giant holes, as Cisco warns in a just-published security advisory.

A range of the company’s wireless residential gateways – SoHo routers, to you and me – have remote code execution bugs in their web servers.

Like many routers, the affected models, including the DPC3825 and DPC3925, have a web-based management interface.

According to the manual for the 3825 model, the web interface is only accessible via HTTPS (secure HTTP), whether you are connecting to it from inside or outside, which is a good feature to see.

Sadly, however, a cryptographically secure connection alone doesn’t shield your web server code from buffer overflows when it handles the requests it receives.

And that seems to be the problem here, as Cisco explains:

A vulnerability in the web server ... could allow an unauthenticated, remote attacker to exploit a buffer overflow and cause arbitrary code execution.

In simple English, that means a crook could connect to your router via HTTPS and, without entering a username or password, take it over.

Cisco goes one step further and suggests that “[w]orkarounds that mitigate this vulnerability are not available,” but the online manual fortunately suggests otherwise.

You can, it seems, simply go to the Administration > Management page in the configuration interface and turn off Remote Management.

That doesn’t fix the buffer overflow, of course, but it means that only users already connected to your network from the inside can get at the buggy web server, greatly reducing your risk.

It’s not explicit in the manual whether remote administration is on by default, though more than one screenshot shows the option set to Disable, suggesting that it is off to start with.

We’d recommend turning the internet-facing web administration interface off anyway, buffer overflow or not.

Cisco says that a fix is available – the security advisory has more details.
