PT-2002-1701 · Pingtel · Pingtel Xpressa

Published

2002-07-15

Updated

2008-09-10

CVE-2002-0675

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Pingtel xpressa SIP-based voice-over-IP phone versions 1.2.5 through 1.2.7.4

Description The issue allows unauthorized users to upgrade the phone's firmware without requiring administrative privileges.

Recommendations For versions 1.2.5 through 1.2.7.4, consider restricting access to the firmware upgrade functionality to prevent unauthorized upgrades until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0675

Affected Products

Pingtel Xpressa

PT-2002-1701 · Pingtel · Pingtel Xpressa

CVE-2002-0675

Related Identifiers

Affected Products

References · 5