How did that issue resolve, if at all? No firmware update has been released since that time, and I don't have access to CSCui25004 to read more about any possible update there.
One fundamental point about the hack was also unclear to me: is it only going to be a problem when the SPA8000 is connected directly to the Internet, or is it also possible when it's behind a router? If it's the latter, it's truly puzzling to me.
Once former Linksys division has been dropped no one with deep-in knowledge about this class of product respond here like Patrick Born did. So I will be surprised if an insider will respond you here.
Based on my experience (our installations are focused on customer's security), neither SPA IP Phones nor ATA Gateways are suitable to be exposed to public Internet. It's not only because of issue you mentioned - there has been other issues in the past including undocumented management interface - turned on with no name/password required by default.
There are no countermeasures against DoS or brutal-force password guessing implemented in devices as well.
In short, those devices are "in-door units" and needs to be placed in secured network only. No untrusted source should be allowed to send even one packet to it. Even one packet may harm. Such packet may arrive not even from outside, but from infected local PC as well. Even short call to exotic destination may be expensive.
You should have dedicated *private* VLAN covering voice infrastructure devices only. No other devices should be allowed on such VLAN.
Appropriate countermeasures should be taken on local PBX, if any, as well as on border router.
Thanks, Dan, that's some good advice (and I think there's some in the original thread, too, though perhaps not much of it was effective). Also, I wasn't even aware that Linksys had been passed off to Belkin.
If you or someone does have access to that CDETS report, it would still be interesting to know what happened back then.
Welcome back for issue number 2 of the small business support community newsletter. Over the coming months we're going to share exciting news on the hardware and support community side. For now, we'll highlight our new favorite docs, pertinent...
Change in ASD Automatic Software Download Feature
Dec 13th, 2019
Cisco RV160, 260, 340, and 345 Series Routers
Due to an API change in Cisco’s software download platform the Automatic Download Feature (ASD) on RV series routers will be temporarily ...
SFP Module Support List for RV160x and RV260x Devices
Small form-factor pluggable (SFP) ports are included on the RV160 and 260 routers to allow the use of optical SFP transceiver modules. SFP’s convert the optical signals to electrical signals. SFP’s al...
Cisco is excited to offer its San Jose customers a unique opportunity to join us at Cisco headquarters for a design thinking workshop. This exclusive gathering, of no more than 20 people, is designed for an immersive interactive one-day session bet...