[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Redlevel Advisory #025 - Vonage VoIP Telephone Adapter Default Misconfiguration

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Redlevel Advisory #025 - Vonage VoIP Telephone Adapter Default Misconfiguration
From: john@xxxxxxxxxxxxxx
Date: 2 Jun 2007 05:37:40 -0000

Vonage VoIP Telephone Adapter Default Misconfiguration

The Vonage VoIP Telephone Adapter device is, by default, accessible from the 
WLAN/internet. The product ships with the default username of 'user' and 
default password of 'user' to access the administrative backend.

Users are suggested to update their passwords immediately. An attacker could 
cause a denial-of-service by uploading broken firmware to the device, or by 
constantly rebooting the device.

John Martinelli
john@xxxxxxxxxxxxxx

http://RedLevel.org
RedLevel.org Security

Prev by Date: WebStudio Multiple XSS Vulnerabilities
Next by Date: Re: Buffer overflow in BusinessMail email server system 4.60.00
Previous by thread: WebStudio Multiple XSS Vulnerabilities
Next by thread: Re: Buffer overflow in BusinessMail email server system 4.60.00
Index(es):
- Date
- Thread