Hi
Advisory by Cisco was published a few days ago (Bugtraq ID: 48810).
Now more details:
a) all logins
b) all passwords (which are kept in the DB in plaintext)
c) other data stored in internal DB
Having access to any user on the target system (including guest user),
it is possible to get full OS root access by injection in ping/traceroute/dns lookup
functionalities.
User interface prohibits such injections, but viewing / modifying http
requests in raw form allows to bypass that restriction.
More datailed information - including screenshots:
http://www.securitum.pl/dh/cisco_sa500_hacking
–
Michal Sajdak, Securitum