WootCloud Detected Thousands of Exposed Cisco Routers Administrative Web Consoles

Forums Security News (Security) WootCloud Detected Thousands of Exposed Cisco Routers Administrative Web Consoles

Tagged: 

  • This topic has 1 voice and 0 replies.
Viewing 0 reply threads
  • Author
    Posts
    • #29027
      TelegramGroup IoTForIndia
      Moderator
      • Topic 2519
      • Replies 0
      • posts 2519
        @iotforindiatggroup

        News#(Security) [ via IoTForIndiaGroup ]


        WootCloud Detected Thousands of Exposed Cisco Routers Administrative Web Consoles

        Overview

        WootCloud conducted an analytical study of exposed Cisco router devices on the Internet. The purpose of the study is to determine the potential number of exposed Cisco routers running administrative web consoles configured as a result of level 15 access. Exposed routers could become potential targets for the malware authors to compromise these devices and use the same for nefarious purposes on the Internet by forming botnets. Compromised routers can be used for building botnets to trigger unauthorized operations such as launching brute-force attacks, bitcoin mining, building hidden proxy tunnels, and many others. The study reflects the risk carried by organizations for allowing the administrative web consoles to exposed on the Internet that can be accessible by remote users without any restriction. In this research, WootCloud observed more than 200,000 Cisco routers running with exposed web administrative panels.

        Analysis

        Any exposed cisco router running web service on TCP port 80 or TCP port 443 respectively send HTTP response headers as shown below:


        Read More..

    Viewing 0 reply threads
    • You must be logged in to reply to this topic.