Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Polycom HDX Default Telnet Credentials

Information

Severity

Severity

Critical

Family

Family

Default Accounts

CVSSv2 Base

CVSSv2 Base

10.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Mitigation

Created

Created

6 years ago

Modified

Modified

5 years ago

Summary

The Polycom device has default telnet credentials or passwordless login.

Insight

Insight

The Polycom series exposes an administrative console on port 23. This administrative interface is built on PSH (Polycom Shell) and allows management of the underlying device. By default there is no password, or the password is either set to 456, admin, or POLYCOM, there is no username.

Detection Method

Detection Method

Connect to the telnet service and try to either gain direct access since no password is set or login with default credentials.

Solution

Solution

It is recommended to disable the telnet access.