A default Cisco router feature compromises data security. The feature, called embedded packet capture (EPC), lets system administrators capture packets in order to troubleshoot.
Although EPC requires privileged access, its default settings poses risk. The Brazilian researchers who caught the vulnerability collected massive amounts of data, including user credentials and pre-shared keys, available for exploitation.
Cisco’s aware of the problem. They advise users to put appropriate user access controls in place to avoid abuse.