
The CERT alert seems to imply this is a general vulnerability, but really it mostly seems to be a default misconfiguration enabling IP-in-IP on a few products. I just modified the PoC and did a scan of my home network, which has a pretty broad range of random consumer gear. Nothing decapsulated the scan packets. So while there are clearly some affected products and they clearly need patching, it doesn't seem all that widespread.


"A few products"? Looks like the whole Cisco Nexus series of data center switches is vulnerable in their default configuration.

https://www.cisco.com/c/en/us/products/switches/data-center-...

That's a whole lot of high-end switches in high-sensitivity environments.

Cisco advisory: https://tools.cisco.com/security/center/content/CiscoSecurit...


OK, I'd missed that. That this is primarily a Cisco misconfiguration issue didn't really come across in the CERT bulletin.


So Cisco defaults are terrible.

Do they still have telnet open by default?



