Insecure Telnet Access with Hardcoded Credentials in Akuvox R50P VoIP Phone 50.0.6.156

Insecure Telnet Access with Hardcoded Credentials in Akuvox R50P VoIP Phone 50.0.6.156

CVE-2019-12327 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Hardcoded credentials in the Akuvox R50P VoIP phone 50.0.6.156 allow an attacker to get access to the device via telnet. The telnet service is running on port 2323; it cannot be turned off and the credentials cannot be changed.

Learn more about our Web Application Penetration Testing UK.