A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default, static credentials that cannot be changed or deleted.

Oh, what a brilliant idea, Cisco! Who needs security anyway, right? Let’s just hand out root access like candy on Halloween. What could possibly go wrong!