Yealink VoIP Phone SIP-T38G - Default Credentials

EDB-ID:

33739




Platform:

Hardware

Date:

2014-06-13


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

Title: Yealink VoIP Phone SIP-T38G Default Credentials
Author: Mr.Un1k0d3r & Doreth.Z10 From RingZer0 Team
Vendor Homepage: http://www.yealink.com/Companyprofile.aspx
Version: VoIP Phone SIP-T38G
CVE: CVE-2013-5755

Description:

Web interface use hardcoded default credential in /config/.htpasswd


user:s7C9Cx.rLsWFA admin:uoCbM.VEiKQto var:jhl3iZAe./qXM

Here's the cleartext password for these accounts:

user:user
admin:admin
var:var

-- 
*Mr.Un1k0d3r** or 1 #*