Default Password (0000) for 'user' on WIP5000 IP Phone

This script is Copyright (C) 2008-2013 Tenable Network Security, Inc.


Synopsis :

The remote IP phone has a default password set for the 'user' user.

Description :

The remote host is a WIP5000 VOIP phone. The remote host has the
default password set for the 'user' user ('0000').

An attacker may connect to it and get useful information about the phone
book of the remote phone using this account.

Solution :

Connect to this port with a web browser and set a strong password, or
change the password from the handheld device directly.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 7.5
(CVSS2#E:H/RL:ND/RC:ND)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 34218 ()

Bugtraq ID:

CVE ID: