Cisco: CISCO-SA-20140110-SBD
History: Jan 10, 2014 - 4:00 p.m.

Undocumented Test Interface in Cisco Small Business Devices

2014-01-10 16:00:00
tools.cisco.com
CVSS2: 10
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.332
Percentile: 97.1%

A vulnerability in the Cisco WAP4410N Wireless-N Access Point, Cisco WRVS4400N Wireless-N Gigabit Security Router, and the Cisco RVS4000 4-port Gigabit Security Router could allow an unauthenticated, remote attacker to gain root-level access to an affected device.

Note: Additional research performed by Mr. Eloi Vanderbeken during April 2014 seems to indicate that some products may be affected by another vulnerability, introduced while fixing the original “TCP port 32764 Undocumented Test Interface” vulnerability. Cisco has confirmed the undocumented test interface has been completely removed by the firmware images listed in this advisory and cannot be re-enabled in the Cisco WAP4410N Wireless-N Access Point, Cisco WRVS4400N Wireless-N Gigabit Security Router, and the Cisco RVS4000 4-port Gigabit Security Router.

Cisco has released software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are not available.
This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140110-sbd

Affected configurations

Vulners node:
cisco rv320_dual_gigabit_wan_vpn_router_firmware, match any
OR
cisco wrvs4400n, match any
OR
cisco wap4410n, match any

Vendor   Product                                      Version   CPE
cisco    rv320_dual_gigabit_wan_vpn_router_firmware   any       cpe:2.3:o:cisco:rv320_dual_gigabit_wan_vpn_router_firmware:any:*:*:*:*:*:*:*
cisco    wrvs4400n                                    any       cpe:2.3:h:cisco:wrvs4400n:any:*:*:*:*:*:*:*
cisco    wap4410n                                     any       cpe:2.3:h:cisco:wap4410n:any:*:*:*:*:*:*:*
