Researchers from Cisco Talos discovered vulnerabilities in NETGEAR wireless routers. ue to the incorrect configuration…
The vulnerability is related to the DVMRP function, and experts explain that the bug allows a remote unauthorized attacker to provoke a process memory depletion and cause the failure of other processes running on the device (including internal and external routing protocols).
In essence, an attacker can launch a serious DoS attack on vulnerable network equipment.
“An attacker could exploit these vulnerability by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols”, — inform Cisco engineers.
Moreover, have already been noticed attempts to exploit this problem last week. The attacks were discovered after an unnamed customer contacted support, and the company’s support team, PSIRT (Cisco Product Security Incident Response Team), was brought in to investigate the incident.
Let me remind you that these are not the first problems with IOS XR. We’ve reported that vulnerability in Cisco IOS XE allows invasion in internal networks through a malicious link.
Unfortunately, there are no patches for the 0-day bug yet, and it will take several days to create them.
In the meantime, Cisco offers its customers several workarounds and security methods to prevent attempts to exploit CVE-2020-3566.
Let me also remind you that Cisco deliberately sold vulnerable software to the US government and by court order will pay a fine of $8.6 million
News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…
Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…
News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…
Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…
News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…
Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…