Описание
config/.htpasswd in Yealink IP Phone SIP-T38G has a hardcoded password of (1) user (s7C9Cx.rLsWFA) for the user account, (2) admin (uoCbM.VEiKQto) for the admin account, and (3) var (jhl3iZAe./qXM) for the var account, which makes it easier for remote attackers to obtain access via unspecified vectors.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:h:yealink:sip-t38g:-:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.16353
Средний
10 Critical
CVSS2
Дефекты
CWE-255
Связанные уязвимости
github
больше 3 лет назад
config/.htpasswd in Yealink IP Phone SIP-T38G has a hardcoded password of (1) user (s7C9Cx.rLsWFA) for the user account, (2) admin (uoCbM.VEiKQto) for the admin account, and (3) var (jhl3iZAe./qXM) for the var account, which makes it easier for remote attackers to obtain access via unspecified vectors.
EPSS
Процентиль: 95%
0.16353
Средний
10 Critical
CVSS2
Дефекты
CWE-255