Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provisioning variables, including PROVIS_USER_PASSWORD, which may expose sensitive user credentials. An attacker with access to the firmware image can extract these credentials using static analysis tools such as strings or xxd, potentially leading to unauthorized access to device functions or user accounts. This vulnerability exists due to insecure storage of sensitive information in the firmware binary.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
D-Link DPH-400S/SE VoIP Phone 安全漏洞
Vulnerability Description
D-Link DPH-400S/SE VoIP Phone是中国友讯(D-Link)公司的一个VoIP电话。 D-Link DPH-400S/SE VoIP Phone v1.01版本存在安全漏洞,该漏洞源于硬编码凭据,可能导致敏感信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A