«
»

Grandstream GXP VOIP Phones Default Credentials

Ran across a saved Shodan search for Grandstream GXP VOIP phones and a note about the defaults. They just use a password for authentication not account name and ‘admin’ works for administrator while ‘123’ works for user level. Many people seem to forget to change the default user account! The note says it works for “high-end and low-end: 1405, 1200, 2100, 280, etc.” I quickly tested these models:
GXP280 (HW0.3B)
GXP1200 (HW0.2B)
GXP2000 (HW1.1A)
GXP2000 (HW1.2B)
GXP2000 (HW2.2A)
GXP2010 (HW0.2C)

The login screen with just a password prompt:

grandstream1

User level access gives you the status and basic settings page but that allows you to reboot the device as well:

grandstream2

grandstream3

Tags: ,

This entry was posted on October 30, 2013 at 12:00 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a comment