A patch for the max severity zero-day bug tracked as CVE-2023-20198 is coming soon, but the bug has already led to the compromise of tens of thousands of Cisco devices. And now, there's a new unpatched threat.
At least have a source IP access list only allowing trusted IP ranges. Ideally it would only be reached from an internal IP range or bastion host, but not all companies have a security hat to wear.
At least have a source IP access list only allowing trusted IP ranges. Ideally it would only be reached from an internal IP range or bastion host, but not all companies have a security hat to wear.
This is the barest of minimalistic security. It’s a router. You don’t allow external admin access to the router. Period. End of story.
I dont disagree with you if a company has a competent employee configuring them.
It shouldn’t even be allowed by the router software.