What's new
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

News RV340/345 Security Vulnerability

jasonreg

Regular Contributor
If you don't want to disturb your working setup and have security concerns - place another firewall in front of your RV34x router.
 
That RESTCONF setting has a checkbox for LAN and WAN. Surprisingly the Cisco advisory does not even mention this.

That being so, I'm going to proceed with 'keeping the WAN checkmark set to off' is good enough.

The Cisco Admin Guide for RESTCONF says nothing useful, e.g., "By default, it is enabled on LAN interface. It can also be enabled on both LAN and WAN interfaces."
 
This is how (RESTCONF unchecked) I have been running since this advisory came out. I have not seen any issues whatsoever. That said, I will be replacing the router shortly I think.
 
If you don't want to disturb your working setup and have security concerns - place another firewall in front of your RV34x router.
Which firewall should this be?
A consumer firewall that would block the hole for a couple of years or an open source firewall that would get updates for longer, but is harder to setup?
 
We had a good run with the Cisco RV340 routers. Once Cisco drops support they will not fix it anymore.

I am using now a Dell small form factor PC with low watt CPU and pfsense. It works good and so far, has better support than in the old days.
 
Which firewall should this be?

I still have one Cisco RV in use behind 2x ISP gateways, Dual-WAN in Auto and 4x Cisco APs. Works in my summer house for years, no one had any interest to hack the setup and nothing to hack there anyway.
 
We had a good run with the Cisco RV340 routers. Once Cisco drops support they will not fix it anymore.

Yes, and this is a bit of a problem...

I know of specific installation where the owner would like to replace it, but cannot as he doesn't own it - it's provided by his credit card service provider, and it is part of a PCI/EMV compliant network chain of trust.

It's unfortunate that Cisco stepped away from that market segment - the replacement in their product line card is much more expensive and not much more capable than the RV line was.
 
Yes, and this is a bit of a problem...

I know of specific installation where the owner would like to replace it, but cannot as he doesn't own it - it's provided by his credit card service provider, and it is part of a PCI/EMV compliant network chain of trust.

It's unfortunate that Cisco stepped away from that market segment - the replacement in their product line card is much more expensive and not much more capable than the RV line was.
I think Cisco came to the conclusion that router front doors require a lot of maintenance which translated to costs for them to maintain an internet front door as hacking is a very big problem nowadays.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Back
Top