CVE-2013-3542 Information

Description

Grandstream GXV3501 GXV3504 GXV3601 GXV3601HD/LL GXV3611HD/LL GXV3615W/P GXV3651FHD GXV3662HD GXV3615WP_HD GXV3500 and possibly other camera models with firmware 1.0.4.11 have a hardcoded account !/\ with the same password which makes it easier for remote attackers to obtain access via a TELNET session.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Reference

http://seclists.org/fulldisclosure/2013/Jun/84 https://www.youtube.com/watch?v=XkCBs4lenhI

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

10.0