CVE-2013-5755

Yealink SIP-T38G - Hardcoded Passwords for User, Admin, and Var Accounts

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-5755. PoCs published by Mr.Un1k0d3r.

AI-analyzed exploit summary This entry discloses default hardcoded credentials for Yealink VoIP Phone SIP-T38G, allowing unauthorized access to the web interface. The credentials are provided in both hashed and cleartext forms.

Description

config/.htpasswd in Yealink IP Phone SIP-T38G has a hardcoded password of (1) user (s7C9Cx.rLsWFA) for the user account, (2) admin (uoCbM.VEiKQto) for the admin account, and (3) var (jhl3iZAe./qXM) for the var account, which makes it easier for remote attackers to obtain access via unspecified vectors.

Exploits (1)

exploitdb WRITEUP

by Mr.Un1k0d3r · textremotehardware

https://www.exploit-db.com/exploits/33739

View Code ZIP pw:eip

This entry discloses default hardcoded credentials for Yealink VoIP Phone SIP-T38G, allowing unauthorized access to the web interface. The credentials are provided in both hashed and cleartext forms.

Classification

Writeup 100%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Yealink VoIP Phone SIP-T38G

No auth needed

Prerequisites: network access to the device · web interface exposed

MITRE ATT&CK

T1110.001 - Password Guessing T1078 - Valid Accounts

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/33739

Scores

EPSS 0.0434

EPSS Percentile 89.9%

Details

CWE

CWE-255

Status published

Products (1)

yealink/sip-t38g

Published Jul 16, 2014

Tracked Since Feb 18, 2026