Vulnerability Details CVE-2005-3721
The default configuration of the HTTP server in Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not require authentication for sensitive configuration pages, which allows remote attackers to modify configuration.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.9%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?l=full-disclosure&m=113217425618951&w=2
- http://secunia.com/advisories/17628
- http://www.hitachi-cable.co.jp/ICSFiles/infosystem/security/76659792_e.pdf
- http://marc.info/?l=full-disclosure&m=113217425618951&w=2
- http://secunia.com/advisories/17628
- http://www.hitachi-cable.co.jp/ICSFiles/infosystem/security/76659792_e.pdf
Products affected by CVE-2005-3721
-
cpe:2.3:h:hitachi:ip5000_voip_wifi_phone:1.5.0
-
cpe:2.3:h:hitachi:ip5000_voip_wifi_phone:1.5.10
-
cpe:2.3:h:hitachi:ip5000_voip_wifi_phone:1.5.2
-
cpe:2.3:h:hitachi:ip5000_voip_wifi_phone:1.5.4
-
cpe:2.3:h:hitachi:ip5000_voip_wifi_phone:1.5.5
-
cpe:2.3:h:hitachi:ip5000_voip_wifi_phone:1.5.6
-
cpe:2.3:h:hitachi:ip5000_voip_wifi_phone:1.5.8