CVE-2019-12327

NONE EPSS 77.0%
Published Jul 22, 20196y ago · Modified Jun 17, 20262w ago
Find Similar
Published Jul 22, 2019 6y ago
Last Modified Jun 17, 2026 2w ago

Description

Hardcoded credentials in the Akuvox R50P VoIP phone 50.0.6.156 allow an attacker to get access to the device via telnet. The telnet service is running on port 2323; it cannot be turned off and the credentials cannot be changed.

Threat Intelligence

EPSS Exploit Probability
77.0% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-798 Use of Hard-coded Credentials Authentication

Affected Products 2

VendorProductVersionRange
akuvoxsp-r50p_firmware50.0.6.156any
akuvoxsp-r50p*any

References 1

  • sit.fraunhofer.de https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Akuvox_R50P.pdf
    ExploitThird Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.