The Hacker News Logo
Subscribe to Newsletter

SSH Backdoor accounts in multiple Barracuda Products

Firewall, VPN and spam filtering products from Barracuda Networks contains hidden hard coded backdoor ed SSH accounts, that allow any hacker to remotely log in and root access sensitive information.

According to an advisory published by Stefan Viehböck of SEC Consult Vulnerability Lab reported the vulnerabilities in default firewall configuration and default user accounts on the unit. Barracuda were informed of the vulnerabilities at the end of November.

All Barracuda Networks appliances with the exception of the Barracuda Backup Server, Barracuda Firewall, and Barracuda NG Firewall are potentially affected i.e Barracuda Spam and Virus Firewall, Barracuda Web Filter, Barracuda Message Archiver, Barracuda Web Application Firewall, Barracuda Link Balancer, Barracuda Load Balancer, Barracuda SSL VPN, CudaTel.

Barracuda recommended that all customers immediately update their Barracuda security definitions to v2.0.5, ensure the products' security definitions are set to on, and check that they're using the most recent firmware. In an attempt to limit access to the backdoor, Barracuda added network rules which only allow access to SSH from certain IP addresses.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.