
UTStarCom F1000

Another great reason to use your WiFi phone behind a reliable firewall, at home, in the dark. The list of vulnerabilities on this baby includes open and immutable SNMP settings and open telnet and rlogin access. Ouch!
I guess we won’t be administering this one via SNMP. Here’s the lowdown from SecuriTeam.
Here’s a quote:

“UTstarcom F1000 VoIP Wifi Phone rlogin (TCP/513) unauthenticated access:
The phone’s rlogin port TCP/513 is listening by default and requires no authentication. An attacker connecting to the phone via telnet/netcat is dropped into a shell without any login. The shell provides an attacker full access to the Vxworks OS, including debugging, direct memory dumping/injection, read/write device, user and network configuration files, enable/disable/restart services, remote reboot.”
