Critical Cisco security Authentication Bypass Vulnerability leads to hack thousands of home routers

Remote unauthenticated control over a vulnerable ISP’s gear, could allow an attacker to log into the software as an administrator and remotely take control of thousands upon thousands of customers’ home routers, broadband gateways and similar boxes.

Cisco said ,The vulnerability is due to a processing error in the role-based access control (RBAC) of URLs. An attacker could exploit this vulnerability by sending API commands via HTTP to a particular URL without prior authentication.

Read more at GBHackers On Security