Re: "just as flawed"?
At least a potential attacker would need a valid username and password to access the telnet port*, rather than anyone being able to use the ssh flaw on any affected Cisco once they knew the hard-coded credentials.
* which they could grab unencrypted from the wire if they had access and someone actually logged in over telnet, which is why telnet is bad.