10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.5 Medium
AI Score
Confidence
Low
0.048 Low
EPSS
Percentile
92.7%
Title: Yealink VoIP Phone SIP-T38G Default Credentials
Author: Mr.Un1k0d3r & Doreth.Z10 From RingZer0 Team
Vendor Homepage: http://www.yealink.com/Companyprofile.aspx
Version: VoIP Phone SIP-T38G
CVE: CVE-2013-5755
Description:
Web interface use hardcoded default credential in /config/.htpasswd
user:s7C9Cx.rLsWFA admin:uoCbM.VEiKQto var:jhl3iZAe./qXM
Here's the cleartext password for these accounts:
user:user
admin:admin
var:var
--
*Mr.Un1k0d3r** or 1 #*