CVE-2013-3542

Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded account "!#/" with the same password, which makes it easier for remote attackers to obtain access via a TELNET session.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 86%
VendorProductVersion
grandstreamgxv3501_firmware
1.0.4.11
grandstreamgxv3504_firmware
1.0.4.11
grandstreamgxv3601_firmware
1.0.4.11
grandstreamgxv3601hd_firmware
1.0.4.11
grandstreamgxv3601ll_firmware
1.0.4.11
grandstreamgxv3611hd_firmware
1.0.4.11
grandstreamgxv3611ll_firmware
1.0.4.11
grandstreamgxv3615w_firmware
1.0.4.11
grandstreamgxv3615p_firmware
1.0.4.11
grandstreamgxv3651fhd_firmware
1.0.4.11
grandstreamgxv3662hd_firmware
1.0.4.11
grandstreamgxv3615wp_hd_firmware
1.0.4.11
grandstreamgxv3500_firmware
1.0.4.11
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://seclists.org/fulldisclosure/2013/Jun/84
https://www.youtube.com/watch?v=XkCBs4lenhI
http://seclists.org/fulldisclosure/2013/Jun/84
https://www.youtube.com/watch?v=XkCBs4lenhI