A security vulnerability has been identified in the SNMP service configuration where the default community string (e.g., "public") is enabled. This misconfiguration may allow unauthorized users to access sensitive device information or modify system settings.
Because SNMP community strings act as authentication credentials, using default values significantly increases the risk of unauthorized access.
Impact
An attacker may exploit this vulnerability to:
Retrieve sensitive system and network information
Modify device configurations remotely
Gain deeper visibility into the network environment
Potentially compromise overall network security
Affected Products
EOC655 (firmware versions prior to v1.1.1.106)
Resolution
This issue has been resolved in EOC655 firmware version v1.1.1.106.
Users are strongly recommended to upgrade to the latest firmware to eliminate this vulnerability.
