Default 3com bay switch vro account and password

Default 3com bay switch vro account and password


Information Source: Niu Ge

3COM maintains the devices they sell in a strange way. Any of the following passwords are the highest permissions and can be set freely.

CoreBuilder 6000/2500-username: debug password: synnet
CoreBuilder 3500 (Version 1.0)-username: debug password: synnet
CoreBuilder 7000-username: tech password: tech
SuperStack II Switch 2200-username: debug password: synnet
SuperStack II Switch 2700-username: tech password: tech
Bay Networks seems like 3com is a good method, so they added the backdoor password "NetICs" to their 350 (maybe there are other models) products ", similar situations were not reported in the accelar product series.

In addition to the vswitch, 3com also adds the default password to the Access Server. The username is "adm" and the password is blank.

In extreme cases, this can be used as a means to restore the password.

When using a Nortel (Bay) switch, we accidentally found that almost all products in Bay had a Hidden mode. On 350/450, we press ctrl-H or the return key to enter the Hidden Menu.
On Accelar 1100/1200, enter sh h and you will see a list of hidden commands.
The privilige command must be executed after the rwa user logs on. After the command is executed, you can enter a privileged mode,
The prompt is also changed to *, and then you can enter "shell" to enter a special environment. See help for some debugging functions,
It's very interesting. I hope someone can continue mining. Http://XXX.com /~ Watchsea/otherswi.htm
3Com Security Advisory for CoreBuilder and SuperStack II MERs
3Com is issuing a security advisory affecting select CoreBuilder LAN switches and SuperStack II Switch products. this is in response to the widespread distribution of special logins intended for service and recovery procedures issued only by 3 Coms Customer Service Organization under conditions of extreme emergency, such as in the event of a customer losing passwords.

Due to this disclosure some 3Com switching products may be vulnerable to security breaches caused by unauthorized access via special logins.

To address these issues, customers shocould immediately log in to their switches via the following usernames and passwords. They shoshould then proceed to change the password via the appropriate Password parameter to prevent unauthorized access.


CoreBuilder 6000/2500-username: debug password: synnet
CoreBuilder 3500 (Version 1.0)-username: debug password: synnet
CoreBuilder 7000-username: tech password: tech
SuperStack II Switch 2200-username: debug password: synnet
SuperStack II Switch 2700-username: tech password: tech
The CoreBuilder 3500 (Version 1.1), SuperStack II Switch 3900 and 9300 also have these mechanisms, but the special login password is changed to match the admin level password when the admin level password is changed.

Customers shoshould also immediately change the SNMP Community string from the default to a proprietary and confidential identifier known only to authorized network management staff. this is due to the fact that the admin password is available through a specific proprietary MIB variable when accessed through the read/write SNMP community string.

This issue applies only to the CoreBuilder 2500/6000/3500 and SuperStack II Switch 2200/3900/9300.

Fixed versions of software for CoreBuilder 2500/6000/3500 and SuperStack II Switch 2200/3900/9300 are available below.

General administration of these systems shocould still be performed med through the normal procedure ented usernames and passwords. other facilities found under these special logins are for diagnostic purposes and shoshould only be used under specific guidance from 3 Coms Customer Service Organization.