Computer Weekly reports that Cisco have announced yet another flaw in their software.. This follows a bunch of vulnerabilities detected last month in their router and switch IOS software.
A default user name and password combination were written, or "hard coded", into the software which runs on both devices and cannot be disabled. A malicious user who had the password would have complete control of the affected device, which could be used as a platform for further attacks, Cisco warned.
This must be the millionth "preset username and password" flaw reported in a networking device; albeit this time it's hard-coded :S Patches are available..
- Log in to post comments