ROS-20240918-14

A vulnerability in Asterisk and Certified Asterisk IP telephony management systems is related to errors in sending a SIP request to a URI. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service and shutdown...

The vulnerability of Asterisk IP-telephony management systems and Certified Asterisk, related to errors in sending SIP requests to URIs, allows attackers to trigger an emergency termination of the application’s operation.

The vulnerability of Asterisk IP-telephony systems and Certified Asterisk is related to errors in sending SIP requests with URIs. Exploiting this vulnerability can allow a malicious actor to cause service failures and terminate operations remotely...

The vulnerability of the ajaxHandler function (ucp/Cdr.class.php) in the web interface for managing IP telephony systems FreePBX allows a hacker to execute arbitrary SQL commands.

The vulnerability of the ajaxHandler function ucp/Cdr.class.php in the web interface for managing IP telephony systems called FreePBX is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary SQL comman...

The vulnerability of the Rest Phone Apps web interface for controlling IP telephony systems, FreePBX, allows a intruder to execute arbitrary code.

The vulnerability of the Rest Phone Apps web interface for controlling IP telephony systems like FreePBX lies in the ability to inject code into the URL addresses. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Cisco Unified CM and Unified CM SME Denial of Service Vulnerability

Cisco Unified Communications Manager is a call processing component of Cisco's Unified Communications System. The component provides a scalable, distributable, and highly available call processing solution for enterprise IP telephony. Unified Communications Manager Session Management Edition is t...

Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability (CNVD-2021-103095)

Cisco Unified Communications Manager is a call processing component of Cisco's Unified Communications System. The component provides a scalable, distributable, and highly available enterprise IP telephony call processing solution.A cross-site request forgery vulnerability exists in Cisco Unified...

D-Link DVX-2000MS Default Account Vulnerability

A security vulnerability exists in the D-Link DVX-2000MS, a hardware for IP telephony systems from D-Link in Taiwan, China. file contains hard-coded credentials that do not record user accounts. An attacker could exploit this vulnerability to recover plaintext passwords from hash values...

Cisco Cross-Site Scripting Vulnerability

Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A security vulnerability exists ...

Nippon Telegraph and Telephone Hikari Denwa Phone Home Gateway Cross-Site Request Forgery Vulnerability

Nippon Telegraph and Telephone Hikari Denwa Phone Home Gateway is an IP telephony service from Nippon Telegraph and Telephone for its fiber optic service subscribers. A cross-site request forgery vulnerability exists in Nippon Telegraph and Telephone Hikari Denwa Phone Home Gateway. The...

The vulnerability of the Murmur server component in the Mumble software for implementing IP telephony, related to insufficient input data validation, allows a hacker to trigger a service failure.

The vulnerability of the Murmur server component in the Mumble software for implementing IP telephony is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause service failures by processing multiple requests simultaneously, by sending a...

Unprotected VOIP Server Exposed Millions of SMS Messages, Call Logs

A California-based Voice-Over-IP VoIP services provider VOIPO has accidentally left tens of gigabytes of its customer data, containing millions of call logs, SMS/MMS messages, and plaintext internal system credentials, publicly accessible to anyone without authentication. VOIPo is one of a leadin...

FreePBX 13.0.35 remote code execution

A vulnerability overview 1. Vulnerability description FreePBX is called the Asterisk Management Portal, IP telephony tools Asterisk standardized implementation that provides a Web configuration interface and other workers FreePBX in functions.inc.php file exists for the parameters without...

The vulnerability of Asterisk IP-telephony management systems and Certified Asterisk, which allows a perpetrator to trigger a service failure.

The vulnerability of Asterisk IP-telephony systems and Certified Asterisk is related to errors in pointer assignment. Exploiting this vulnerability can allow a malicious actor to cause service failures pointer assignment of an uninitialized pointer and emergency termination of operations...

The vulnerability of the Cisco Unified Communications Manager system allows a perpetrator to execute arbitrary SQL commands.

The vulnerability of the Cisco Unified Communications Manager IP telephony management system is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using a specially crafted URL...

Cisco Security Advisory: Cisco Unified Communications Manager Skinny Client Control Protocol Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Unified Communications Manager Skinny Client Control Protocol Vulnerabilities Advisory ID: cisco-sa-20120229-cucm Revision 1.0 For Public Release 2012 February 29 16:00 UTC GMT Summary ======= Cisco Unified Communications Manager devices may...

Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities Advisory ID: cisco-sa-20100922-cucmsip http://www.cisco.com/warp/public/707/cisco-sa-20100922-cucmsip.shtml Revision 1.0 For Public Release 2010 Septemb...

reSIProcate 1.3.2 Remote Denial of Service PoC

Exploit for multiple platform in category dos / poc ============================================== reSIProcate 1.3.2 Remote Denial of Service PoC ============================================== -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remote DoS in reSIProcate MU-200807-01 July 10, 2008...

Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service and Authentication Bypass Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service and Authentication Bypass Vulnerabilities Advisory ID: cisco-sa-20080625-cucm Revision 1.0 For Public Release 2008 June 25 1600 UTC GMT...

Cisco IP telephony routers DoS

SIP packet UDP/5060 to device with vois over IP support, but not configured for SIP causes device to crash...

Linksys RT31P2 SIP DoS

IP telephony hangs on invalid SIP message...