Yealink VoIP Phone SIP-T38G - Default Credentials

Author: Mr.Un1k0d3r
type: remote
platform: hardware
port: 
date_added: 2014-06-13 
date_updated: 2014-06-13 
verified: 0 
codes: CVE-2013-5755;OSVDB-108078 
tags: 
aliases:  
screenshot_url:  
application_url: 

Title: Yealink VoIP Phone SIP-T38G Default Credentials
Author: Mr.Un1k0d3r & Doreth.Z10 From RingZer0 Team
Vendor Homepage: http://www.yealink.com/Companyprofile.aspx
Version: VoIP Phone SIP-T38G
CVE: CVE-2013-5755

Description:

Web interface use hardcoded default credential in /config/.htpasswd


user:s7C9Cx.rLsWFA admin:uoCbM.VEiKQto var:jhl3iZAe./qXM

Here's the cleartext password for these accounts:

user:user
admin:admin
var:var

--
*Mr.Un1k0d3r** or 1 #*