Vulnerabilities > CVE-2008-4874 - Credentials Management vulnerability in Philips Electronics Voip841 Dect Phone 1.0.4.48/1.0.4.50
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The web component in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 has a back door "service" account with "service" as its password, which makes it easier for remote attackers to obtain access.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Hardware | 2 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Philips VOIP841 (Firmware <= 1.0.4.800) Multiple Vulnerabilities. CVE-2008-4874,CVE-2008-4875,CVE-2008-4876. Remote exploit for hardware platform |
| file | exploits/hardware/remote/5113.txt |
| id | EDB-ID:5113 |
| last seen | 2016-01-31 |
| modified | 2008-02-14 |
| platform | hardware |
| port | |
| published | 2008-02-14 |
| reporter | ikki |
| source | https://www.exploit-db.com/download/5113/ |
| title | Philips VOIP841 Firmware <= 1.0.4.800 Multiple Vulnerabilities |
| type | remote |
References
- http://archives.neohapsis.com/archives/bugtraq/2008-02/0227.html
- http://archives.neohapsis.com/archives/bugtraq/2008-02/0227.html
- http://osvdb.org/42940
- http://osvdb.org/42940
- http://secunia.com/advisories/28978
- http://secunia.com/advisories/28978
- http://securityreason.com/securityalert/4536
- http://securityreason.com/securityalert/4536
- http://www.securenetwork.it/ricerca/advisory/download/SN-2008-01.txt
- http://www.securenetwork.it/ricerca/advisory/download/SN-2008-01.txt
- http://www.securityfocus.com/archive/1/488127/100/200/threaded
- http://www.securityfocus.com/archive/1/488127/100/200/threaded
- http://www.securityfocus.com/bid/27790
- http://www.securityfocus.com/bid/27790
- http://www.vupen.com/english/advisories/2008/0583
- http://www.vupen.com/english/advisories/2008/0583
- https://www.exploit-db.com/exploits/5113
- https://www.exploit-db.com/exploits/5113