CVE-2008-4874
Philips VOIP841 Firmware 1.0.4.800 - Multiple Vulnerabilities
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The web component in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 has a back door "service" account with "service" as its password, which makes it easier for remote attackers to obtain access.
El componente web en Philips Electronics VOIP841 DECT Phone with firmware v1.0.4.50 y v1.0.4.80 tiene una cuenta de "servicio" de puerta trasera con "service" como contraseƱa, lo que facilita a atacantes remotos obtener acceso.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-10-31 CVE Reserved
- 2008-10-31 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2024-11-06 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-255: Credentials Management Errors
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2008-02/0227.html | Mailing List | |
| http://osvdb.org/42940 | Vdb Entry | |
| http://securityreason.com/securityalert/4536 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/488127/100/200/threaded | Mailing List | |
| http://www.securityfocus.com/bid/27790 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2008/0583 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/5113 | 2024-08-07 | |
| http://www.securenetwork.it/ricerca/advisory/download/SN-2008-01.txt | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/28978 | 2018-10-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Philips Electronics Search vendor "Philips Electronics" | Voip841 Dect Phone Search vendor "Philips Electronics" for product "Voip841 Dect Phone" | 1.0.4.48 Search vendor "Philips Electronics" for product "Voip841 Dect Phone" and version "1.0.4.48" | - |
Affected
| ||||||
| Philips Electronics Search vendor "Philips Electronics" | Voip841 Dect Phone Search vendor "Philips Electronics" for product "Voip841 Dect Phone" | 1.0.4.50 Search vendor "Philips Electronics" for product "Voip841 Dect Phone" and version "1.0.4.50" | - |
Affected
| ||||||