[原文]Cisco IP/VC Videoconferencing System 3510, 3520, 3525 and 3530 contain hard-coded default SNMP community strings, which allows remote attackers to gain access, cause a denial of service, and modify configuration.
Cisco IP/VC 3500 Series Default Hardcoded SNMP Community String
Remote / Network Access
Loss of Integrity
Cisco IPVC 3500 Series contains a flaw that may allow a system compromise. The issue is triggered by default persistant SNMP community strings on the devices. It is possible that the flaw may allow a remote attacker to gain full control over the device, resulting in a loss of integrity.
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): block and/or filter SNMP traffic on the switch port the vulnerable device is plugged into or at the nearest device closest to the vulnerable IPVC device.