Two days after Cisco patched a severe vulnerability in a popular brand of SOHO routers, and one day after the publication of proof-of-concept code, hackers have started scans and attacks exploiting the bug to take over unpatched devices.
The vulnerability, tracked as CVE-2019-1663, drew attention when it came out on February 27 because the Cisco team gave it a severity score of 9.8 out of a maximum of 10.
It received such a high rating because the bug is trivial to exploit and does not require advanced coding skills or complicated attack routines; it bypasses authentication procedures altogether; and routers can be attacked remotely, over the internet, without attackers needing to be physically present on the same local network as the vulnerable device.
By Catalin Cimpanu