CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-7382

VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the (1) VDAD and (2) VDCL users, which makes it easier for remote attackers to obtain access.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.041

EPSS Ranking 88.1%

CVSS Severity

CVSS v2 Score 5.0

References

http://www.exploit-db.com/exploits/29513
http://www.openwall.com/lists/oss-security/2013/10/23/10
http://www.openwall.com/lists/oss-security/2013/10/25/1
https://adamcaudill.com/2013/10/23/vicidial-multiple-vulnerabilities/
http://www.exploit-db.com/exploits/29513
http://www.openwall.com/lists/oss-security/2013/10/23/10
http://www.openwall.com/lists/oss-security/2013/10/25/1
https://adamcaudill.com/2013/10/23/vicidial-multiple-vulnerabilities/

Products affected by CVE-2013-7382

Vicidial » Vicidial » Version: 2.7

cpe:2.3:a:vicidial:vicidial:2.7
Vicidial » Vicidial » Version: 2.8

cpe:2.3:a:vicidial:vicidial:2.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-7382

Products

Pricing

Contact Us