A CyCognito research team conducting routine reconnaissance on a customer’s network found a cross-site scripting zero day (XSS) vulnerability on the web admin interface of two different small business Cisco routers.
The finding was released in a blog that went live earlier today.
Alex Zaslavsky, CyCognito’s head of security research, said they reported the flaw to Cisco and the router vendor has since fixed the issue. He said attackers value XSS vulnerabilities because they can use them to access a victim’s existing session and even take over an account, impersonate the victim and access their data.
“We’ve found that most security pros focus on an organization’s crown jewels and would tend to not pay too much attention to branch offices,” Zaslavsky said. “But the hackers are clever and if they can enter a network through a remote branch office, they will.”
CyCognito’s researchers found the vulnerabilities in the Cisco small business routers models RV042 and RV042G. During the investigation while mapping the attack surface of the CyCognito customer, the research team recognized that they found a vulnerability that had never been reported, which made it a zero day.