cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
582
Views
0
Helpful
4
Replies
Highlighted
Contributor

Cisco SPA30X IP Phone Admin Password Reset

Hello ,

 

I have Cisco SPA30X and 50X series IP Phones. All of them have static IP address but don't have any TFTP option in provisioning. Someone changed default admin password and we can not reach web page. I tried to reset password via SPA303.cfg and xxxxxx.xml file. But nothing changed. Still have a password problem. How can I reset phone password ? Have and other option to reset password ? 

4 REPLIES 4
Highlighted
Advocate

Phone accessible from network with default admin password - not so surprising someone reconfigured it.

Reset phone to factory defaults using phone's local menu (keyboard). The attacker may reconfigured not only admin password. Configure the phone from the scratch.

I tried to reset password via SPA303.cfg and xxxxxx.xml file

You didn't mentioned how you tried to do it. If you have provisioning disabled, those files are not used.

Highlighted

Hello Dan ,

Thank you for your interesting but local menu need password too. So no way to reset phone?

Highlighted

It is possible to lock phone that there is no(!) way to unlock it. We can hope it is not our case.

Well. Can you use a packet catcher (like tcpdump or wireshark or so) to catch all packets transmitted by the phone ? OK, then use it.

1.  Catch all packets sent by phone during boot. May be, the phone is seeking for a configuration file during the boot. It will help us to reconfigure the phone.

2. If the provisioning is NOT turned off, but Profile Rule is not configured, the http://<phone-ip>/admin/resync?url-to-provisioning-file trick may allow us to reconfigure the phone. Try it. Observe phone's packets during it.

If the methods mentioned above will not solve the problem, we can try to fetch phone's current configuration. Try to fetch http://<phone-ip>/admin/spacfg.xml

As a latest solution, you can call Cisco support for help. But according my experience, it's waste of time. SMB TAC guys doesn't understand the matter. Even Google will give you better advice.

 

Highlighted

Hello Dan ,

 

Thank you . I'll try all steps you shared. I hope one of them is solve our problem.
 

Have a nice day.