[VOIPSEC] Fwd: FiWin SS28S WiFi VoIP SIP/Skype Phone Hardcoded Telnet user/pass and debug access
Shawn Merdinger
shawnmer at gmail.com
Sat Sep 23 15:05:15 CDT 2006
fyi
---------- Forwarded message ----------
From: Shawn Merdinger <shawnmer at gmail.com>
Date: Sep 21, 2006 5:14 PM
Subject: FiWin SS28S WiFi VoIP SIP/Skype Phone Hardcoded Telnet
user/pass and debug access
To: full-disclosure at lists.grok.org.uk
Zachary McGrew has discovered and reported that the FiWin SS28S WiFi
VoIP SIP/Skype Phone with firmware version 01_02_07 has VxWorks Telnet
open with a hardcoded user/pass of 1/1. Various debug commonds enable
viewing SIP credentials, WEP keys, etc. on the phone.
More details here:
http://www.osnews.com/story.php/15923/Review-FiWin-SS28S-WiFi-VoIP-SIPSkype-Phone/
Credit goes to Zachary McGrew.
Thanks,
--scm
More information about the Voipsec
mailing list