So I guess
The NSA was finished using them?
Seriously, how hard is it to track and remove debugging credentials (and accounts, and configurations, etc.)?
Cisco this week revealed a pair of critical flaws, rated ten out of ten in severity, in its family of Catalyst PON Series Switches Optical Network Terminals. One of these vulnerabilities, CVE-2021-34795, is "an unintentional debugging credential," as Cisco put it, baked into the devices. What on Earth is an "unintentional …
One of the reasons I prefer open source stuff like OpenWRT and pFSense is the lower probability of crap like this happening. Oh, and much cheaper as well...
To be fair to others, they probably have cool features that I don't know about and/or have no idea how to use, not being adequately versed in the dark arts of VLAN management, etc.
No, but Cisco push stuff for small companies as well.
If you only have a dozen or two machines in one location then OpeWRT is quite adequate as a router and basic firewall. The ease of saving and restoring configuration allows you to have another cheap system on cold standby if you don't have the budget for fancy HA systems.
......ah!......a "mistake"!!!
*
....and then there's the NSA backdoors which we haven't been told about!!!
*
Yes.....I know.....the NSA isn't in bed with Cisco...........
*
....or in bed with NSO....or Google...............
*
Please........just stop reporting misinformation that some of us simply do not believe!!!!!