Information Disclosure in Hitachi IP5000 VoIP WIFI Phone
CVE-2005-3721

Currently unrated

Key Information:

Vendor: Hitachi
Status: Ip5000 Voip Wifi Phone
Vendor: CVE Published:; 21 November 2005

Summary

The Hitachi IP5000 VoIP WIFI Phone version 1.5.6 has a significant security flaw due to its default HTTP server configuration that fails to enforce authentication on sensitive configuration pages. This oversight allows remote attackers to access and alter essential settings without proper authorization, potentially leading to unauthorized use or manipulation of the device. Secure configuration practices should be implemented to mitigate risks associated with this vulnerability.

References

http://secunia.com/advisories/17628

third-party-advisoryx_refsource_SECUNIA

http://www.hitachi-cable.co.jp/ICSFiles/infosystem/securi...

x_refsource_MISC

http://marc.info/?l=full-disclosure&m=113217425618951&w=2

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability published
Nov 21, 2005
Vulnerability Reserved
Nov 21, 2005