CVE-2004-1320

Vulnerability

The Asante FM2008 managed Ethernet switch running firmware version v01.06 includes a hardcoded backdoor account for the CLI interface (accessible via Telnet or serial port). The username is "superuser" and the password is "asante". This account is not documented in the user manual and cannot be changed through normal configuration commands. The backdoor credentials are separate from the user-configurable credentials used for the Web and terminal interfaces [1].

Exploitation

An attacker with network access to the switch's Telnet service (or physical access to the serial port) can connect and log in by entering "superuser" as the username and "asante" as the password. No additional authentication or user interaction is required. The CLI interface provides a "help" command listing available commands [1].

Impact

Successful exploitation grants the attacker full administrative access to the switch's CLI, enabling them to execute all available commands, including those that can alter device configuration, memory, or ports. This can lead to complete compromise of the switch's operation, including denial of service, unauthorized configuration changes, and potential network disruption [1].

Mitigation

No official patch or firmware update addressing this backdoor account has been identified in the available references. As the device is likely end-of-life, recommended mitigations include restricting Telnet and HTTP access to trusted networks via access control lists (ACLs), disabling unused management interfaces, and monitoring for unauthorized access attempts [1].