<<< Date Index >>>     <<< Thread Index >>>

Redlevel Advisory #025 - Vonage VoIP Telephone Adapter Default Misconfiguration



Vonage VoIP Telephone Adapter Default Misconfiguration

The Vonage VoIP Telephone Adapter device is, by default, accessible from the 
WLAN/internet. The product ships with the default username of 'user' and 
default password of 'user' to access the administrative backend.

Users are suggested to update their passwords immediately. An attacker could 
cause a denial-of-service by uploading broken firmware to the device, or by 
constantly rebooting the device.

John Martinelli
john@xxxxxxxxxxxxxx

http://RedLevel.org
RedLevel.org Security