[原文]ZyXel P2000W VoIP 802.11b Wireless Phone running firmware WV.00.02 allows remote attackers to obtain sensitive information, such as MAC address and software version, by directly accessing UDP port 9090.
ZyXEL P-2000W_v2 VoIP Wi-Fi Phone UDP Port 9090 Information Disclosure
Remote / Network Access
Loss of Confidentiality
ZyXEL P-2000W_v2 VoIP Wi-Fi Phone contains a flaw that may lead to an unauthorized information disclosure. An undocumented service is running on UDP port 9090 and some information about the device could be obtained from it :
- Software/Firmware version
- MAC address
This will disclose information about the phone device resulting in a loss of confidentiality.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.