Published: 01/11/2008 Updated: 11/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

The web component in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 has a back door "service" account with "service" as its password, which makes it easier for remote malicious users to obtain access.

Vulnerable Product	Search on Vulmon	Subscribe to Product
philips electronics voip841 dect phone 1.0.4.50
philips electronics voip841 dect phone 1.0.4.48

:[ Philips VOIP841 Multiple Vulnerabilities ]: Luca "ikki" Carettoni - lucacarettoni@ikkisoftcom Systems affected: Philips VOIP841, Firmware Version 10450 and 10480, Web Server Version 15 (simple httpd) Systems not affected: n/a (a) Hidden Administration Account (web management console) service:service (b) Directory Listing, Director ...

CWE-255 http://www.securityfocus.com/bid/27790 http://www.securenetwork.it/ricerca/advisory/download/SN-2008-01.txt http://secunia.com/advisories/28978 http://securityreason.com/securityalert/4536 http://archives.neohapsis.com/archives/bugtraq/2008-02/0227.html http://osvdb.org/42940 http://www.vupen.com/english/advisories/2008/0583 https://www.exploit-db.com/exploits/5113 http://www.securityfocus.com/archive/1/488127/100/200/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/5113/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-4874

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect