-- RICKROLL --
Description
During a local CTF, there was a challenge that had a VoIP. I interacted with DLINK DPH-400SE running a firmware version of FRU 2.2.15.8. It's basically a VoIP phone and the vendor is DLINK In this writeup. I explain how I was able to uncover yet another vulnerability generally a weakness of the ID 200 : CWE-200, This weakness allowed me to login to the web portal of the device using default guest credentials and read all the SIP authenticated user passwords as well as the administrator's password.
POC
Log in to the portal using the credentials "guest:guest"
Heading to the maintenance tab, we have the access feature which has an option to modify accounts accessing the devices: