136
Cisco is still hard-coding passwords into its products
(www.thestack.technology)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 28 Oct 2024
136 points (100.0% liked)
Cybersecurity
7728 readers
243 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world
founded 2 years ago
MODERATORS
That could be any user logged into the CLI. Cisco is famously a network appliance company and they make admin available over the network. Anyone who can get to the LAN/VLAN these appliances are on can exploit this. So not specifically physical access.
You are right:
Holy fuck.
Management interface is only available locally
The management interface can 100% be put on LAN and often is.
Okay sure then you're asking for trouble. You could also configure the word password as your password.
I agree, its not something I would do.
Doesn't change that it happens.