Firewall, VPN and spam filtering products from Barracuda Networks contains hidden hard coded backdoor ed SSH accounts, that allow any hacker to remotely log in and root access sensitive information.
According to an advisory published by Stefan Viehböck of SEC Consult Vulnerability Lab reported the vulnerabilities in default firewall configuration and default user accounts on the unit. Barracuda were informed of the vulnerabilities at the end of November.
All Barracuda Networks appliances with the exception of the Barracuda Backup Server, Barracuda Firewall, and Barracuda NG Firewall are potentially affected i.e Barracuda Spam and Virus Firewall, Barracuda Web Filter, Barracuda Message Archiver, Barracuda Web Application Firewall, Barracuda Link Balancer, Barracuda Load Balancer, Barracuda SSL VPN, CudaTel.
Barracuda recommended that all customers immediately update their Barracuda security definitions to v2.0.5, ensure the products' security definitions are set to on, and check that they're using the most recent firmware. In an attempt to limit access to the backdoor, Barracuda added network rules which only allow access to SSH from certain IP addresses.
About the author