[VOIPSEC] Fwd: FiWin SS28S WiFi VoIP SIP/Skype Phone Hardcoded Telnet user/pass and debug access
shawnmer at gmail.com
Sat Sep 23 21:05:15 BST 2006
---------- Forwarded message ----------
From: Shawn Merdinger <shawnmer at gmail.com>
Date: Sep 21, 2006 5:14 PM
Subject: FiWin SS28S WiFi VoIP SIP/Skype Phone Hardcoded Telnet
user/pass and debug access
To: full-disclosure at lists.grok.org.uk
Zachary McGrew has discovered and reported that the FiWin SS28S WiFi
VoIP SIP/Skype Phone with firmware version 01_02_07 has VxWorks Telnet
open with a hardcoded user/pass of 1/1. Various debug commonds enable
viewing SIP credentials, WEP keys, etc. on the phone.
More details here:
Credit goes to Zachary McGrew.
More information about the Voipsec