Domainzero

**Name of the Vulnerable Software and Affected Versions** Cisco WAP4410N access point versions 2.0.6.1 and earlier Cisco WRVS4400N router versions 1.1.13 and earlier, versions 2.0.2.1 and earlier Cisco RVS4000 router versions 2.0.3.2 and earlier **Description** The issue allows remote attackers to read credential and configuration data and execute arbitrary commands via requests to the test interface on TCP port 32764. **Recommendations** For Cisco WAP4410N access point versions 2.0.6.1 and earlier, update the firmware to a version later than 2.0.6.1. For Cisco WRVS4400N router versions 1.1.13 and earlier, update the firmware to a version later than 1.1.13. For Cisco WRVS4400N router versions 2.0.2.1 and earlier, update the firmware to a version later than 2.0.2.1. For Cisco RVS4000 router versions 2.0.3.2 and earlier, update the firmware to a version later than 2.0.3.2. As a temporary workaround, consider restricting access to the test interface on TCP port 32764 until a patch is available.