CVE-2006-0374

Advantage Century Telecommunication P202S - Unauthenticated Remote Access via Undocumented Ports

Title source: llm
STIX 2.1

Description

Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 running firmware 1.1.21 has multiple undocumented ports available, which (1) might allow remote attackers to obtain sensitive information, such as memory contents and internal operating-system data, by directly accessing the VxWorks WDB remote debugging ONCRPC (aka wdbrpc) on UDP 17185, (2) reflect network data using echo (TCP 7), or (3) gain access without authentication using rlogin (TCP 513).

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/24149
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/18514
Vendor Advisory mailing-list x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041434.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/16288

Scores

EPSS 0.0165
EPSS Percentile 73.6%

Details

CWE
CWE-287
Status published
Products (1)
advantage_century_telecommunication/p202s 1.01.21_firmware_1.1.21
Published Jan 22, 2006
Tracked Since Feb 18, 2026