• Unaware7013@kbin.social
    link
    fedilink
    arrow-up
    20
    ·
    1 year ago

    I wonder if they’re using default/hard coded creds (Ciscos have had a ton of them) or if its just bad password hygiene on the admins’ part.

    • partial_accumen@lemmy.world
      link
      fedilink
      English
      arrow-up
      22
      ·
      1 year ago

      Hardcoded creds seems like a really bad idea on a network appliance. If they MUST have hardcoded creds how about they only work when sent through a serial console at least your attacker would have to have local physical access to the device.

    • ddkman@lemm.ee
      link
      fedilink
      English
      arrow-up
      9
      ·
      1 year ago

      I do agree, and Cisco immediately grabbed the occasion to push their shitty restrictive trusted boot policy. Which is worrying.