Most devices that provide SNMP allow enormous amounts of data to be accessed over it. The exact information available depends on the type of device, its manufacturer and model, but generally include details of the hardware and OS type, information on the various network interfaces, statistics on the various network protocols, and general and vendor-specific details about what the device does and is doing. The volume of data available is generally too much to be useful to a systems administrator without some management code to sort through it. The security risks of allowing a potential intruder access to this information depends largely on what type of device it is, but realize that if the data is known to the device, it is probably accessible via SNMP.
Many devices allow themselves to be configured remotely via SNMP as well. Devices which do so generally can be completely configured in such a manner. This can definitely be of use to systems administrators, but also is an obvious security concern.
Despite its popularity, SNMP v1 and v2 have rather basic access control, using
passwords called community strings. Most devices are set up with two community
strings, a read community for viewing information and a set or write community for changing configurations. Many devices come out of the box with SNMP
operational and a read community string of "public
". Write
access often has to be turned on manually, but not always. Needless to say,
care should be taken with both settings.
If this vulnerability is detected, the router is affected by one or more of the following problems:
Alternatively, workarounds are available to fix some of the vulnerabilities. See the advisory for specific instructions on working around the vulnerabilities.
Some SNMP clients will allow you to restrict which hosts can send some or all write SNMP commands from, and possibly which hosts can get information as well. It is recommended that you configure such if available.