Vulnerability in Zyxel P2000W VOIP WIFI Phone Exposes Sensitive Information
CVE-2005-3724

Currently unrated

Key Information:

Vendor: Zyxel
Status: Prestige 2000w V.1voip Wi-fi Phone; P2000w Version 1 Voip Wifi Phone
Vendor: CVE Published:; 21 November 2005

What is CVE-2005-3724?

The Zyxel P2000W Version 1 VOIP WIFI Phone is susceptible to a vulnerability that allows remote attackers to access sensitive data. This occurs through an undocumented UDP port 9090 that does not require authentication, which may also lead to a potential denial of service. Organizations using this product should consider immediate steps to mitigate the risks associated with this vulnerability, including securing the device and regularly updating firmware.

References

http://www.osvdb.org/21292

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/15478

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2005/2476

vdb-entryx_refsource_VUPEN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 21, 2005
Vulnerability Reserved
Nov 21, 2005