Default Password (000000) for 'admin' on WIP5000 IP Phone

Critical Nessus Plugin ID 34217


The remote IP phone has a default password set for the 'admin' user


The remote host is a WIP5000 VOIP phone. The remote host has the default password set for the 'admin' user ('000000').

An attacker may connect to it and reconfigure it using this account.


Connect to this port with a web browser and set a strong password, or change the password from the handheld device directly.

Plugin Details

Severity: Critical

ID: 34217

File Name: wip5000_default_admin_password.nasl

Version: $Revision: 1.14 $

Type: remote

Family: Misc.

Published: 2008/09/16

Modified: 2015/07/13

Dependencies: 10107

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:ND/RC:ND

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Reference Information

OSVDB: 48241