Stop us if you've heard this: Cisco Aironet has hard-coded passwords
Get patching, friends
Cisco's discovered that its Mobility Express Software, shipped with Aironet 1830 Series and 1850 Series access points, has a hard-coded admin-level SSH password.
The default credentials open affected devices to remote exploitation if an attacker has “layer 3 connectivity to an affected device”.
The bug is in access points running “an 8.2.x release of Cisco Mobility Express Software prior to Release 8.2.111.0, regardless of whether the device is configured as a master, subordinate, or standalone access point”.
Switchzilla's advisory adds that “this advisory is part of a collection” for the Aironet 1830/1850 series.
Also strutting the catwalk in the Aironet Spring Catalogue:
- An input validation bug in the Cisco Wireless LAN Controller (WLC);
- An IPv6 UDP denial-of-service (DoS) vulnerability in the WLC; and
- A DoS vulnerability in the WLC's management GUI.
Patches are available to fix up these design blunders. ®