Filtered by vendor Vonage
Subscribe
Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-47304 | 1 Vonage | 2 Vdv23, Vdv23 Firmware | 2024-11-21 | N/A | 7.8 HIGH |
An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows local attackers to bypass UART authentication controls and read/write arbitrary values to the memory of the device. | |||||
CVE-2017-16902 | 1 Vonage | 2 Vdv-23, Vdv-23 Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long string of characters in the loginPassword and/or loginUsername field to goform/login causes the router to reboot. | |||||
CVE-2017-16843 | 1 Vonage | 2 Vdv-23, Vdv-23 Firmware | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
Vonage VDV-23 115 3.2.11-0.9.40 devices have stored XSS via the NewKeyword or NewDomain field to /goform/RgParentalBasic. | |||||
CVE-2007-5792 | 1 Vonage | 1 Motorola Phone Adapter Vt2142-vd | 2024-11-21 | 7.1 HIGH | N/A |
The Vonage Motorola Phone Adapter VT 2142-VD does not encrypt RTP packets, which might allow remote attackers to eavesdrop by sniffing the network and reconstructing the RTP session. | |||||
CVE-2007-5791 | 1 Vonage | 1 Motorola Phone Adapter Vt2142-vd | 2024-11-21 | 10.0 HIGH | N/A |
The Vonage Motorola Phone Adapter VT 2142-VD does not properly verify that a SIP INVITE message originated from a legitimate server, which allows remote attackers to send spoofed INVITE messages, as demonstrated by a flood of messages triggering a denial of service, and by phone calls with malicious content. | |||||
CVE-2007-3047 | 1 Vonage | 1 Voip Telephone Adapter | 2024-11-21 | 10.0 HIGH | N/A |
The Vonage VoIP Telephone Adapter has a default administrator username "user" and password "user," which allows remote attackers to obtain administrative access. |