Описание
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not require administrative privileges to perform a firmware upgrade, which allows unauthorized users to upgrade the phone.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:pingtel:xpressa:1.2.5:*:*:*:*:*:*:*
cpe:2.3:h:pingtel:xpressa:1.2.7.4:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00156
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not require administrative privileges to perform a firmware upgrade, which allows unauthorized users to upgrade the phone.
EPSS
Процентиль: 37%
0.00156
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other