In the Cisco Catalyst Switches of the PON CGP-ONT- * series (Passive Optical Network) Detected Critical Safety Problem (CVE-2021-34795), allowing Telnet to connect to a switch with administrator rights when you enable the Telnet protocol using a predetermined debugging record left by the manufacturer in the firmware. The problem is manifested only when activated in the settings of access through Telnet, which is disabled by default.
In addition to the availability of an account with a predetermined password in the considered switcher models, two vulnerabilities (CVE-2021-40112, CVE-2021-40113) are also revealed in a web interface that allow a non-authenticated attacking that does not know the input parameters, execute their commands with ROOT rights and make changes to the settings. By default, access to the Web interface is allowed only from the local network if this behavior is not overridden in the settings.
at the same time similar problem (CVE-2021-40119) with predefined engineering input detected in the software product Cisco Policy Suite , in which the SSH key prepared by the manufacturer was previously prepared, allowing a remote attacker to access the ROOT rights system.