Title: Cisco Cable Access Router MIB Community Default Passwords Vulnerability
Severity: CRITICAL
Description:
The ubr900 series routers are a Cable Access solution manufactured and maintained by Cisco Systems. They are designed to route traffic over cable networks.
A problem with the firmware of the ubr900 series could make it possible for a remote user to gain unauthorized access to the system. The problem is in the inclusion of default passwords.
The Management Information Base (MIB) is part of the functionality of SNMP, providing various configuration information to users that may be able to read the MIB information, and may allow the altering of configuration parameters to users with write access.
Cisco ubr900 routers that conform to the DOCSIS standard provided by CableLabs may allow access by arbitrary users. The MIB supports default community strings xyzzy, agent_steal, freekevin, and fubar. These community strings allow a remote user to read and write information in the MIB, which could result in an attacker gaining access to sensitive information, or changing the configuration of the vulnerable router. This problem has been confirmed in models ubr920, ubr924, and ubr925.
This vulnerability makes it possible for a remote user to gather intelligence on a vulnerable network, and could also lead to a denial of service.
Affected Products:
- Cisco ubr920
- Cisco ubr924
- Cisco ubr925
References:
- Cisco Systems: Cisco uBR925 Cable Access Router Hardware Installation Guide
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
