CVE-2013-5755

Name of the Vulnerable Software and Affected Versions Yealink IP Phone SIP-T38G

Description The issue concerns hardcoded passwords in the config/.htpasswd file of the Yealink IP Phone SIP-T38G. Specifically, the passwords are: user with password s7C9Cx.rLsWFA, admin with password uoCbM.VEiKQto, and var with password jhl3iZAe./qXM. This makes it easier for remote attackers to gain access via unspecified vectors.

Recommendations For Yealink IP Phone SIP-T38G, change the hardcoded passwords for the user, admin, and var accounts to unique and secure passwords to prevent unauthorized access.