← volver
CVE-2005-2182

CVE-2005-2182

EPSS 1.2%
Grandstream BudgeTone (BT) 100 Voice over IP (VoIP) phones do not properly check the Call-ID, branch, and tag values in a NOTIFY message to verify a subscription, which allows remote attackers to spoof messages such as the "Messages waiting" message.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://marc.info/?l=bugtraq&m=112067698624686&w=2http://pentest.tele-consulting.com/advisories/05_07_06_voip-phones.txthttps://exchange.xforce.ibmcloud.com/vulnerabilities/21260http://www.securitytracker.com/alerts/2005/Jul/1014407.html