Warning: Detecting more than 1000 Cisco router and switch devices in Vietnam has a serious security error

There are more than 1000 Cisco router and switch devices in Vietnam (all devices used in large network environments and core systems) are subject to serious security errors.

The Information Security Department (Ministry of Information and Communications) has sent a warning letter about a group of 40 critical safety information points on Cisco routers (switches) and switches (switches). In particular, in the vulnerable Cisco IOS operating system with international error code CVE-2018-0171 exists in the Smart Install function, a function used to manage installation, device deployment and is normally enabled determined.

Warning: Detecting more than 1000 Cisco router and switch devices in Vietnam has a serious security error Picture 1

Bad guys take advantage of this flaw to send a Smart Install fake message to the TCP port 4786 of the device. If successful, a process will be started to reload the device, execute remote code or perform an infinite loop on the device that leads to a denial of service.

Previously, Cisco confirmed information about this vulnerability on its router / switch devices on March 28, 2018. Since then, the CVE-2018-0171 vulnerability has been exploited by bad guys to carry out many cyber-attacks around the world.

According to VARANS, there are more than 1000 devices affected in Vietnam and the country with the most IP range detected. Therefore, users need to be very wary.

The list of Cisco network devices is affected by the vulnerability:

Warning: Detecting more than 1000 Cisco router and switch devices in Vietnam has a serious security error Picture 2

In order to ensure information security and prevent the risk of network attacks, administrators at agencies and organizations check and review network devices that may be affected and fix vulnerabilities.

How to check CVE-2018-0171 vulnerability

To check CVE-2018-0171 vulnerability, administrators can do one of the following:

Method 1: Use tools published by Cisco at the following link: https://github.com/Cisco-Talos/smi_check

Method 2: Run the show vstack config command on the Cisco device. If the device uses the Smart Intstall Client, the following content will appear:

switch # show vstack config | inc Role

Role: Client (SmartInstall enabled)

How to fix security holes on Cisco routers and switches

Method 1: Update and upgrade the operating system for routers and switches according to Cisco's instructions at the following address:

  1. https://goo.gl/tbYqPu

Method 2: Run the no vstack command on the affected device to turn off the Smart Instal feature if not needed.

Method 3: If you don't use Access List, you can block 4786.

For more information on vulnerability analysis and PoC, you can visit the link below.

  1. https://goo.gl/hc8saV

See more:

  1. Warning: GandCrab extortionist code is attacking Vietnam
  2. Warning of new malware appear like Wannacry, capable of deleting Vietnamese percussion on computer
  3. Appearing dangerous Android malicious code specializing in stealing chat content on Facebook Messenger, Skype .
4 ★ | 4 Vote

May be interested

  • What is a router? Operating principle of RouterWhat is a router? Operating principle of Router
    to better understand what a router is, let's take a look at the article below with huy khang. router is a device that spreads wifi waves to connect to many devices.
  • How to Secure WiFi with tips on the routerHow to Secure WiFi with tips on the router
    router controls access to home wifi network and all phones, tablets, and laptops. etc .. connect via router. it is therefore essential to keep the router as secure as possible.
  • Detect dangerous security holes affecting many D-Link routersDetect dangerous security holes affecting many D-Link routers
    security researchers miguel méndez zúñiga and pablo pollanco of telefónica chile have just published proof-of-concept (poc) that allows hackers to execute remote commands and exploit vulnerabilities that leak information related to many d-link routers are being used worldwide.
  • Basic information about network equipmentBasic information about network equipment
    in order to be able to use and connect networks to computers, we need dedicated network installation devices. including 5 basic names including repeater, hub, switch, router and gateway. each device has different characteristics as well as ability to work.
  • Warning: Detecting a very serious vulnerability in Cyberoam, a common firewall system in VietnamWarning: Detecting a very serious vulnerability in Cyberoam, a common firewall system in Vietnam
    vsec is broadcasting a warning about an extremely dangerous vulnerability with the code name cve-2019-17059 on cyberoam.
  • Warning: If you own an old D-Link VPN router, throw it away!Warning: If you own an old D-Link VPN router, throw it away!
    the manufacturer has confirmed that a serious vulnerability has been found in some devices that are no longer officially supported.
  • How to Configure TP Link RouterHow to Configure TP Link Router
    a router (or router) is a device that connects multiple devices (such as computers and smartphones) to a network. with a newly purchased tp-link router, you can configure the device through quick setup using the user interface on your pc's web browser. if you don't have enough information, try setting up and using the wi-fi network through the basic steps. additionally, you can use the web-based interface to set up parental controls on the router, as well as assign port forwarding to specific devices. tipsmake today will show you how to configure tp-link router.
  • Set up a new router using IP address 192.168.1.1Set up a new router using IP address 192.168.1.1
    192.168.1.1 ip address is often used by linksys broadband routers and sometimes by other router brands or home network gateway devices.
  • What is Network TAP? How does it help secure the system?What is Network TAP? How does it help secure the system?
    a network tap is a hardware device that you place in a network, especially between two connected devices of a network (such as a switch, router, or firewall) to monitor network traffic.
  • 10 best VPN routers 202010 best VPN routers 2020
    the vpn router provides all the data security and privacy features of the vpn client, and does this to all devices connected to them. here are the 10 best router models that can act as vpn ports for your home or small business.