exploitDog

CVE-2002-0672

Опубликовано: 23 июл. 2002

Источник: nvd

CVSS2: 4.6

EPSS Низкий

Описание

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to restore the phone to factory defaults without authentication via a menu option, which sets the administrator password to null.

Ссылки

http://www.atstake.com/research/advisories/2002/a071202-1.txt
http://www.iss.net/security_center/static/9567.php
Vendor Advisory
http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp
Vendor Advisory
http://www.atstake.com/research/advisories/2002/a071202-1.txt
http://www.iss.net/security_center/static/9567.php
Vendor Advisory
http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:h:pingtel:xpressa:1.2.5:*:*:*:*:*:*:*

cpe:2.3:h:pingtel:xpressa:1.2.7.4:*:*:*:*:*:*:*

EPSS

Процентиль: 37%

0.00158

Низкий

4.6 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-4jm6-vv65-r63r

github

почти 4 года назад

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to restore the phone to factory defaults without authentication via a menu option, which sets the administrator password to null.

EPSS

Процентиль: 37%

0.00158

Низкий

4.6 Medium

CVSS2

Дефекты

NVD-CWE-Other