Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
- EPSS 13.38%
- Veröffentlicht 01.11.2008 06:00:01
- Zuletzt bearbeitet 09.04.2025 00:30:58
The web component in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 has a back door "service" account with "service" as its password, which makes it easier for remote attackers to obtain access.
6.8
CVE-2008-4875
- EPSS 8.96%
- Veröffentlicht 01.11.2008 06:00:01
- Zuletzt bearbeitet 09.04.2025 00:30:58
Directory traversal vulnerability in the web server in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a GET request. NOTE: this can be levera...
4.3
CVE-2008-4876
- EPSS 6.49%
- Veröffentlicht 01.11.2008 06:00:01
- Zuletzt bearbeitet 09.04.2025 00:30:58
Cross-site scripting (XSS) vulnerability in the web server component in Philips Electronics VOIP841 DECT Phone with firmware 1.0.4.50 and 1.0.4.80 allows remote attackers to inject arbitrary web script or HTML via the request URL, which is not proper...
1