Researchers have discovered previously unreported problems in SNMP on embedded devices where devices such as secondary market home routers and cable modems are leaking authentication details in plain text. The data could be extracted by gaining access to the read-only public SNMP community string, which enables outside access to device information. While only vulnerabilities in three brands were disclosed today, a Shodan search turns up potentially hundreds of thousands of devices that are exposing SNMP to the Internet that could be equally vulnerable. The vulnerabilities are in existing hardware and in current devices.
Source: https://threatpost.com/embedded-devices-leak-authentication-data-via-snmp-community-string/106137/