Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-3723 | 1 Hitachi | 1 Ip5000 Voip Wifi Phone | 2016-10-17 | 7.5 HIGH | N/A |
Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not allow the user to disable access to (1) SNMP or (2) TCP port 3390, which allows remote attackers to modify configuration using CVE-2005-3722, or access the Unidata Shell to obtain sensitive information or cause a denial of service. | |||||
CVE-2005-3719 | 1 Hitachi | 1 Ip5000 Voip Wifi Phone | 2016-10-17 | 4.6 MEDIUM | N/A |
Hitachi IP5000 VOIP WIFI Phone 1.5.6 has a hard-coded administrator password of "0000", which allows attackers with physical access to obtain sensitive information and modify the phone's configuration. | |||||
CVE-2005-3720 | 1 Hitachi | 1 Ip5000 Voip Wifi Phone | 2016-10-17 | 5.0 MEDIUM | N/A |
The default index page in the HTTP server in Hitachi IP5000 VOIP WIFI Phone 1.5.6 lists sensitive information such as software versions. | |||||
CVE-2005-3721 | 1 Hitachi | 1 Ip5000 Voip Wifi Phone | 2016-10-17 | 5.0 MEDIUM | N/A |
The default configuration of the HTTP server in Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not require authentication for sensitive configuration pages, which allows remote attackers to modify configuration. | |||||
CVE-2005-3722 | 1 Hitachi | 1 Ip5000 Voip Wifi Phone | 2016-10-17 | 7.5 HIGH | N/A |
The SNMP v1/v2c daemon in Hitachi IP5000 VOIP WIFI Phone 1.5.6 allows remote attackers to gain read or write access to system configuration using arbitrary SNMP credentials. |