EUVD-2005-3714

Malware in sbrugna...

EUVD-2005-3715

Malware in sbrugna...

CVE-2002-1936

UTStarcom BAS 1000 3.1.10 creates several default or back door accounts and passwords, which allows remote attackers to gain access via 1 field account with a password of "field", 2 guru account with a password of "3noguru", 3 snmp account with a password of "snmp", or 4 dbase account with a...

UTStar WA3002G4 Authentication Bypass Vulnerability

The UTStar WA3002G4 is a modem from UTStarcom USA. An authentication bypass vulnerability exists in the UTStar WA3002G4. An attacker can use this vulnerability to directly access administrator settings and obtain plaintext credentials from the HTML source...

UTstarcom WA3002G4 - Unauthenticated DNS Change Exploit

Exploit for hardware platform in category web applications !/bin/bash UTstarcom WA3002G4 Unauthenticated Remote DNS Change Exploit Copyright 2017 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, whic...

UTstarcom WA3002G4 Unauthenticated Remote DNS Changer

!/bin/bash UTstarcom WA3002G4 Unauthenticated Remote DNS Change Exploit Copyright 2017 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, which is accessible without authentication. Once modified,...

UTstarcom WA3002G4 - DNS Change

!/bin/bash UTstarcom WA3002G4 Unauthenticated Remote DNS Change Exploit Copyright 2017 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, which is accessible without authentication. Once modified,...

CVE-2005-3718

UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 does not allow users to disable access to 1 SNMP or 2 the rlogin port TCP 513, which allows remote attackers to exploit other vulnerabilities such as CVE-2005-3716, or execute arbitrary shell commands via rlogin, whic...

CVE-2005-3717

The telnet daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 has a default username "target" and password "password", which allows remote attackers to gain full access to the system...

CVE-2005-3716

The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 has hard-coded public credentials that cannot be changed, which allows attackers to obtain sensitive information...

CVE-2005-3717

CVE-2005-3717 documents a vulnerability in the telnet daemon of UTStarcom F1000 VOIP WIFI Phone (S2.0) running VxWorks 5.5.1 with kernel WIND 2.6. The issue arises from a default account with username "target" and password "password", enabling remote attackers to gain full system access. Public s...

CVE-2005-3718

Affected product: UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6. Vulnerability details: The device does not allow users to disable access to (1) SNMP or (2) rlogin on TCP 513, enabling remote attackers to trigger other vulnerabilities (e.g., CVE-2005-3716) or exe...

CVE-2005-3718

UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 does not allow users to disable access to 1 SNMP or 2 the rlogin port TCP 513, which allows remote attackers to exploit other vulnerabilities such as CVE-2005-3716, or execute arbitrary shell commands via rlogin, whic...

CVE-2005-3717

The telnet daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 has a default username "target" and password "password", which allows remote attackers to gain full access to the system...

CVE-2005-3716

The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 has hard-coded public credentials that cannot be changed, which allows attackers to obtain sensitive information...

CVE-2005-3716

CVE-2005-3716 affects UTStarcom F1000 VOIP WIFI Phone (s2.0, VxWorks 5.5.1, WIND 2.6). The SNMP daemon uses hard-coded public credentials that cannot be changed, enabling attackers to obtain sensitive information. No exploit details are provided in the documents, and the impact is reported as par...

PT-2005-4471 · Wind River +1 · Vxworks +2

Name of the Vulnerable Software and Affected Versions: UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 Description: The issue concerns hard-coded public credentials in the SNMP daemon that cannot be changed, allowing attackers to obtain sensitive information...

Multiple UTstarcom F1000 wirieless Wi-Fi VoIP phones vulnerabilities

SNMP access, unauthenticated telnet TCP/21 and rlogin TCP/513 access...

[Full-disclosure] UTstarcom F1000 VoIP Wifi phone multiple vulnerabilities

I disclosed today the following vulnerabilities at the 32nd CSI conference in Washington, D.C. https://www.cmpevents.com/CSI32/a.asp?option=G&V=3&id=406438 Thanks, Shawn Merdinger =============================================================== VENDOR: UTStarcom VENDOR NOTIFIED: 27 June, 2005 via...

CVE-2002-1936

UTStarcom BAS 1000 3.1.10 is affected by a vulnerability where several default or back door accounts exist with hardcoded passwords, allowing remote access. Specifically, accounts and passwords cited are: field (*field), guru (*3noguru), snmp (snmp), and dbase (dbase). The public documents descri...