surely?
If you didnt shut off telnet in 2001 you suck.
Cisco has slung patches at its Nexus 3000 and 3500 switches to shutter a default remotely-accessible administrative account. The critical bug (CVE-2016-1329) grant attackers root access, according to Cisco security wonks. Admins can shut off Telnet as a workaround in place of the patch. "[The vulnerability] could allow an …
Last time I touched production Cisco kit was 2015. None of it was configured on SSH as it was old, didn't have K9 firmware, and they wouldn't replace them or put them on a smartnet so no SSH.
Public sector is terrible for that kind of thing. The year before I'd also seen people using the SNMP write community strings as well!