CVE-2013-5755

Yealink Sip-t38g - Credentials Management

Title source: rule

Description

config/.htpasswd in Yealink IP Phone SIP-T38G has a hardcoded password of (1) user (s7C9Cx.rLsWFA) for the user account, (2) admin (uoCbM.VEiKQto) for the admin account, and (3) var (jhl3iZAe./qXM) for the var account, which makes it easier for remote attackers to obtain access via unspecified vectors.

Exploits (1)

exploitdb WRITEUP

by Mr.Un1k0d3r · textremotehardware

https://www.exploit-db.com/exploits/33739

View Code ZIP pw:eip

References (1)

Core 1

Core References

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/33739

Scores

EPSS 0.1540

EPSS Percentile 94.7%

Details

CWE

CWE-255

Status published

Products (1)

yealink/sip-t38g

Published Jul 16, 2014

Tracked Since Feb 18, 2026