The remote host is a Cisco VG248 with a blank password. The Cisco VG248 does not have a password set and allows direct access to the configuration interface. An attacker could telnet to the Cisco unit and reconfigure it to lock the owner out as well as completely disable the phone system.
Telnet to this unit and at the configuration interface: Choose Configure-> and set the login and enable passwords. If possible, in the future do not use telnet since it is an insecure protocol.
- Multiple Cisco Nexus Devices IP Stack Remote Denial of Service Vulnerability
- Cisco IOS XR Software Fragmented Packets Processing Denial of Service Vulnerability
- Multiple Cisco Products Multiple Remote Buffer Overflow Vulnerabilities
- CISCO Secure ACS Management Interface Login Overflow
- Cisco TelePresence TC and TE Software Multiple Security Vulnerabilities