Xpressa@1.2.7.4 Security Vulnerabilities and Issues — Xpressa@1.2.7.4 CVE List

Lucene search

PingtelXpressa1.2.7.4

4 matches found

CVE•added 2004/09/01 4:0 a.m.•41 views

CVE-2002-0668

The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows authenticated users to modify the Call Forwarding settings and hijack calls.

7.5CVSS6.4AI score0.0049EPSS

CVE•added 2004/09/01 4:0 a.m.•39 views

CVE-2002-0672

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to restore the phone to factory defaults without authentication via a menu option, which sets the administrator password to null.

4.6CVSS6.6AI score0.00158EPSS

CVE•added 2004/09/01 4:0 a.m.•34 views

CVE-2002-0673

The enrollment process for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to the phone to log out the current user and re-register the phone using MyPingtel Sign-In to gain remote access and perform unauthorized actions.

4.6CVSS6.6AI score0.00156EPSS

CVE•added 2004/09/01 4:0 a.m.•33 views

CVE-2002-0674

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not "time out" an inactive administrator session, which could allow other users to perform administrator actions if the administrator does not explicitly end the authentication.

7.2CVSS6.5AI score0.00069EPSS