Secret backdoor found in networking gear perfect for government espionage(theregister.co.uk) |
Secret backdoor found in networking gear perfect for government espionage(theregister.co.uk) |
> The vulnerability is due to the presence of a default SSH key pair that is present in all devices.
That's quite a bug -- I expected to see obscure exploit deep in the networking code which masterfully bypasses all code hardening, but found a default credentials instead. This is the kind of mistake that a random IoT company would do, I would not expect this from Cisco.
The other possible explanation is that it's intentional.