Cisco Warns of Vulnerability in Firewall Devices
Posted by: Timothy Weaver on 01/29/2016 09:35 AM
[
Comments
]
Cisco is advising its firewall users to update their firmware to prevent an intrusion.
The vulnerability is in their EV220W Wireless Network Security Firewall devices which if exploited could allow remote attackers to access administrative privileges by circumventing the authentication process.
The company has already made patches available, both firmware updates and software patches available to address the flaw.
Users are warned that indicators of a compromise include “Authentication, Accounting, and Authorization (AAA) log files for a device contain(ing) suspect or malicious login data.”
Cisco said that the vulnerability is attributed to “insufficient input validation of HTTP request headers" that get sent to the interface of affected devices. This flaw could allow a hacker to send devices a crafted HTTP request, encoded with malicious SQL statements, in order to leverage their remote access capabilities and subsequently alter user privileges.
Source: SCMagazine
The vulnerability is in their EV220W Wireless Network Security Firewall devices which if exploited could allow remote attackers to access administrative privileges by circumventing the authentication process.The company has already made patches available, both firmware updates and software patches available to address the flaw.
Users are warned that indicators of a compromise include “Authentication, Accounting, and Authorization (AAA) log files for a device contain(ing) suspect or malicious login data.”
Cisco said that the vulnerability is attributed to “insufficient input validation of HTTP request headers" that get sent to the interface of affected devices. This flaw could allow a hacker to send devices a crafted HTTP request, encoded with malicious SQL statements, in order to leverage their remote access capabilities and subsequently alter user privileges.
Source: SCMagazine
Comments
