ID
VAR-200511-0513
TITLE
Hitachi WirelessIP 5000+ unauthorized access vulnerability
Trust: 0.6
DESCRIPTION
The WirelessIP5000 developed by Hitachi Cable is an open wireless IP phone that complies with the VoIP standard communication protocol SIP. There are multiple security vulnerabilities in WirelessIP5000, as follows: (a) The existence of an undocumented open port TCP / 3390 in the WirelessIP5000 phone may allow remote unauthenticated attackers to access sensitive information and may cause a denial of service; (b) A vulnerability in the WirelessIP5000 phone could allow remote attackers to change device configuration using SNMP; (c) The default configuration of the WirelessIP5000 phone HTTP server requires no credentials to authenticate, so remote attackers can perform management functions without authentication; (d) WirelessIP5000 phone HTTP server may leak sensitive information; (e) There is a default management password in the WirelessIP5000 phone. An attacker who knows this password can take complete control of the device.
Trust: 0.6
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | none | model: | - | scope: | - | version: | - | Trust: 0.6 |
EXTERNAL IDS
| db: | CNVD | id: | CNVD-2005-4053 | Trust: 0.6 |
SOURCES
| db: | CNVD | id: | CNVD-2005-4053 |
LAST UPDATE DATE
2022-05-04T10:02:38.027000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2005-4053 | date: | 2005-11-16T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2005-4053 | date: | 2005-11-16T00:00:00 |