WootCloud Detected Thousands of Exposed Cisco Routers Administrative Web Consoles

Forums Security News (Security) WootCloud Detected Thousands of Exposed Cisco Routers Administrative Web Consoles

Tagged: 

This topic contains 0 replies, has 1 voice, and was last updated by  TelegramGroup IoTForIndia 1 month ago.

  • Author
    Posts
  • #29027

    TelegramGroup IoTForIndia
    Moderator
    • Topic 967
    • Replies 0
    • posts 967
      @iotforindiatggroup

      News#(Security) [ via IoTForIndiaGroup ]


      WootCloud Detected Thousands of Exposed Cisco Routers Administrative Web Consoles

      Overview

      WootCloud conducted an analytical study of exposed Cisco router devices on the Internet. The purpose of the study is to determine the potential number of exposed Cisco routers running administrative web consoles configured as a result of level 15 access. Exposed routers could become potential targets for the malware authors to compromise these devices and use the same for nefarious purposes on the Internet by forming botnets. Compromised routers can be used for building botnets to trigger unauthorized operations such as launching brute-force attacks, bitcoin mining, building hidden proxy tunnels, and many others. The study reflects the risk carried by organizations for allowing the administrative web consoles to exposed on the Internet that can be accessible by remote users without any restriction. In this research, WootCloud observed more than 200,000 Cisco routers running with exposed web administrative panels.

      Analysis

      Any exposed cisco router running web service on TCP port 80 or TCP port 443 respectively send HTTP response headers as shown below:


      Read More..

    You must be logged in to reply to this topic.