Skip to main content
CVE-2013-5755 CRITICAL POC THREAT Emergency

config/.htpasswd in Yealink IP Phone SIP-T38G has a hardcoded password of (1) user (s7C9Cx.rLsWFA) for the user account, (2) admin (uoCbM.VEiKQto) for the admin account, and (3) var (jhl3iZAe./qXM). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 15.4%.

Authentication Bypass Sip T38G
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
15.4%
Threat
4.0
CVE-2014-2606 CRITICAL Act Now

Unspecified vulnerability in HP StoreVirtual 4000 Storage and StoreVirtual VSA 9.5 through 11.0 allows remote authenticated users to gain privileges via unknown vectors. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Information Disclosure Storage Management Software Storevirtual 4130 Storevirtual 4330 +7
NVD
CVSS 2.0
9.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy