It should go without saying, but the HTTP and HTTPS server feature should never be enabled on Internet-facing systems as is consistent with long-established best practices. Cisco reiterated the guidance in Monday’s advisory.
That’s the first thing I thought when I read how the exploit works. Anyone wise enough to keep this interface locked down is safe here.
I still remember the time I found someone had setup an internet-facing switch between their modem and firewall so they could directly connect webservers to the internet sans firewall.
The reason? They didnt know how to configure the routing for a CIDR bloc on their firewall.
The people this exploit targets DO exist, and they dont even realize they're dumb.
No kidding. No doubt that the hardware probably has built-in VPN functionality too so..why would you expose a management interface to the internet. Its either lazy stupid or both.
(post is archived)