13 matches found
CVE-2023-23901
Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, which may allow a remote unauthenticated attacker to eavesdrop on or alter the communication sent to the WebUI of the...
PT-2024-5664 · Korenix · Korenix Jetport 5601V3
Name of the Vulnerable Software and Affected Versions: Korenix JetPort 5601v3 versions 1.2 and earlier Description: The issue is related to the missing encryption of sensitive data, which allows eavesdropping. This can be exploited by a remote attacker to bypass existing security restrictions...
PT-2024-12784 · Dell · Dell Esi
Name of the Vulnerable Software and Affected Versions: DELL ESI Enterprise Storage Integrator for SAP LAMA version 10.0 Description: The issue is an information disclosure vulnerability in the EHAC component. A remote unauthenticated attacker could potentially exploit this vulnerability by...
Millions of Connected Cameras Open to Eavesdropping
Millions of connected security and home cameras contain a critical software vulnerability that can allow remote attackers to tap into video feeds, according to a warning from the Cybersecurity and Infrastructure Security Agency CISA. The bug CVE-2021-32934, with a CVSS v3 base score of 9.1 has be...
CVE-2020-9528
Firmware developed by Shenzhen Hichip Vision Technology V6 through V20, as used by many different vendors in millions of Internet of Things devices, suffers from cryptographic issues that allow remote attackers to access user session data, as demonstrated by eavesdropping on user video/audio...
Cisco IP Phone exposed high-risk vulnerabilities can cause remote eavesdropping-vulnerability warning-the black bar safety net
Cisco small business phone the firmware of the exposed high-risk vulnerability, the attacker can the exploit monitor private telephone calls and remote dial telephone, and that a series of malicious acts does not require any authentication. Remote monitoring and makethe words The vulnerability,...
Cisco Small Business IP Phones Open to Remote Eavesdropping
Cisco is warning customers about several vulnerabilities in some of its IP phones that can allow an attacker to listen in on users’ conversations. The bug affects the Cisco SPA 300 and 500 Series IP phones. Cisco had confirmed the vulnerabilities, which were discovered by Chris Watts, a researche...
Cisco IP Phones Vulnerable To Remote Eavesdropping
A critical vulnerability in the firmware of Cisco small business phones lets an unauthenticated attacker to remotely eavesdrop on private conversation and make phone calls from vulnerable devices without needing to authenticate, Cisco warned. LISTEN AND MAKE PHONE CALLS REMOTELY The vulnerability...
CVE-2007-5637
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager BCM, and other product lines allow remote attackers to eavesdrop on the physical environment via an Open Audio Stream message that enables "surveillance mode."...
Design/Logic Flaw
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager BCM, and other product lines allow remote attackers to eavesdrop on the physical environment via an Open Audio Stream message that enables "surveillance mode."...
CVE-2007-5637
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager BCM, and other product lines allow remote attackers to eavesdrop on the physical environment via an Open Audio Stream message that enables "surveillance mode."...
Nortel Networks多个UNIStim VoIP产品远程窃听漏洞
Nortel IP Phones是一款IP电话应用方案。 Nortel IP Phones存在设计错误,远程攻击者可以利用漏洞对设备进行窃听,导致敏感信息泄露。 如果正确的UNIStim消息发送给IP电话,IP电话可进入surveillance模式,UNIStim消息ID必须匹配信号服务器和IP电话间的可预期ID,协议使用16位大小作为ID数字,如果恶意用户发送65536个所有可能ID号的伪造UNIStim消息,可导致消息被窃听,造成敏感信息泄露。 Nortel Networks Universal Access - IP 0 Nortel Networks Survivable...
[Full-disclosure] Remote eavesdropping with SIP Phone GXV-3000
While playing with the SIP Madynes stateful fuzzer for a description see http://hal.inria.fr/inria-00166947/en, we have realized that some SIP stack engines have serious bugs allowing to an attacker to automatically make a remote phone accept the call without ringing and without asking the user t...