CVE-2006-0374
Advantage Century Telecommunication P202S - Unauthenticated Remote Access via Undocumented Ports
Title source: llmDescription
Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 running firmware 1.1.21 has multiple undocumented ports available, which (1) might allow remote attackers to obtain sensitive information, such as memory contents and internal operating-system data, by directly accessing the VxWorks WDB remote debugging ONCRPC (aka wdbrpc) on UDP 17185, (2) reflect network data using echo (TCP 7), or (3) gain access without authentication using rlogin (TCP 513).
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/24149
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18514
Vendor Advisory mailing-list
x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041434.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/16288
Scores
EPSS
0.0165
EPSS Percentile
73.6%
Details
CWE
CWE-287
Status
published
Products (1)
advantage_century_telecommunication/p202s
1.01.21_firmware_1.1.21
Published
Jan 22, 2006
Tracked Since
Feb 18, 2026