← back
CVE-2013-7382

CVE-2013-7382

EPSS 2.8%
VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the (1) VDAD and (2) VDCL users, which makes it easier for remote attackers to obtain access.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/29513unverifiedexploitdbwww.exploit-db.com/exploits/29513unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://adamcaudill.com/2013/10/23/vicidial-multiple-vulnerabilities/http://www.exploit-db.com/exploits/29513http://www.openwall.com/lists/oss-security/2013/10/23/10http://www.openwall.com/lists/oss-security/2013/10/25/1