CPSEC-4: Weak Encryption of stored user passwords
October 20, 2018
Summary: The passwords for local user accounts, stored locally on the router, were not effectively encrypted.
Mitigation: Involved changing admin and user passwords. Disable local and remote access to the router and restrict remote access to certain IP’s. For more information or instructions on these mitigation steps, consult the Cradlepoint Knowledgebase or contact Cradlepoint Support.