Critical vulnerabilities expose Cisco equipment to hijacking attacks

Cisco has revealed it uncovered, and fixed, two “high-severity” flaws in its Catalyst PON Series Switches Optical Network Terminals which could have allowed for unauthorized root access to devices.

As reported by The Register, the two vulnerabiliies are labeled CVE-2021-34795 and CVE-2021-40113, with the former described as an “unintentional debugging credential” or, as it seems, a backdoor left by the developers, for debugging. 

Source link