Cisco Systems exists Hardcoded Backdoor Account

For the fourth time in four months, Cisco removed a hard-coded backdoor credential (CVE-2018-0329) from its product, which could allow an attacker to access the affected device. The newly discovered hard-coded account exists in the Wide Area Application Services (WAAS) software package, which is used to optimize WAN traffic management.

SNMP stands for Simple Network Management Protocol, a network protocol that collects data from remote devices. This string was inadvertently discovered by security researchers while studying another vulnerability and it is invisible to the device owner.

“A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP) feature of Cisco Wide Area Application Services (WAAS) Software could allow an unauthenticated, remote attacker to read data from an affected device via SNMP.

The vulnerability is due to a hard-coded, read-only community string in the configuration file for the SNMP daemon. An attacker could exploit this vulnerability by using the static community string in SNMP version 2c queries to an affected device. A successful exploit could allow the attacker to read any data that is accessible via SNMP on the affected device.“

Source: Cisco