Redlevel Advisory #025 - Vonage VoIP Telephone Adapter Default Misconfiguration
Vonage VoIP Telephone Adapter Default Misconfiguration
The Vonage VoIP Telephone Adapter device is, by default, accessible from the
WLAN/internet. The product ships with the default username of 'user' and
default password of 'user' to access the administrative backend.
Users are suggested to update their passwords immediately. An attacker could
cause a denial-of-service by uploading broken firmware to the device, or by
constantly rebooting the device.
John Martinelli
john@xxxxxxxxxxxxxx
http://RedLevel.org
RedLevel.org Security