Vulnerabilities > CVE-2002-0672 - Local Security vulnerability in Xpressa 1.2.5/1.2.7.4

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
pingtel

Summary

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to restore the phone to factory defaults without authentication via a menu option, which sets the administrator password to null.

Vulnerable Configurations

Part Description Count
Hardware
Pingtel
2