A slew of products from security provider Barracuda Networks contain a backdoor that could enable outsiders to remotely access accounts and steal information.
"Undocumented operating system user accounts", or backdoors, can be accessed via Secure Shell (SSH), a protocol that permits encrypted remote login and communication.
The IP addresses that can access these appliances are meant to be limited to Barracuda, but that's not the case, according to researchers.
"The public [IP] ranges include servers run by Barracuda...but also servers from other, unaffiliated entities – all of whom can access SSH on all affected Barracuda Networks appliances exposed to the internet," SEC Consult said in an advisory.
Barracuda said the vulnerabilities have been resolved and urged customers to update their security definitions.
"Our research has confirmed that an attacker with specific internal knowledge of the Barracuda appliances may be able to remotely log into a non-privileged account on the appliance from a small set of IP addresses," the advisory said.
"The vulnerabilities are the result of the default firewall configuration and default user accounts on the unit."
Austrian-based advisory firm SEC Consult privately reported the vulnerability to Barracuda in late November. Affected products include its Spam and Virus Firewall, Web Application Firewall, Web Filter and SSL VPN.
_(20).jpg&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
