Cisco Aironet 1830 Series and 1850 Series Access Points Mobility Express Default Credential Vulnerability: CVE-2017-3834
by CIRT Team
Description: The vulnerability is due to the existence of default credentials for an affected device that is running Cisco Mobility Express Software, regardless of whether the device is configured as a master, subordinate, or standalone access point. An attacker who has layer 3 connectivity to an affected device could use Secure Shell (SSH) to log in to the device with elevated privileges. A successful exploit could allow the attacker to take complete control of the device.
Impact: An attacker can exploit this issue to bypass the authentication mechanism and gain unauthorized access. This may lead to further attacks.
Mitigation: Cisco has released software updates that addresses this vulnerability.