An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows local attackers to bypass UART authentication controls and read/write arbitrary values to the memory of the device.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-12-05
Updated
2023-12-11
On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long string of characters in the loginPassword and/or loginUsername field to goform/login causes the router to reboot.
Max CVSS
7.8
EPSS Score
0.91%
Published
2017-11-20
Updated
2017-12-12
Vonage VDV-23 115 3.2.11-0.9.40 devices have stored XSS via the NewKeyword or NewDomain field to /goform/RgParentalBasic.
Max CVSS
5.4
EPSS Score
0.08%
Published
2017-11-16
Updated
2017-12-02
The Vonage Motorola Phone Adapter VT 2142-VD does not encrypt RTP packets, which might allow remote attackers to eavesdrop by sniffing the network and reconstructing the RTP session.
Max CVSS
7.1
EPSS Score
0.23%
Published
2007-11-01
Updated
2017-07-29
The Vonage Motorola Phone Adapter VT 2142-VD does not properly verify that a SIP INVITE message originated from a legitimate server, which allows remote attackers to send spoofed INVITE messages, as demonstrated by a flood of messages triggering a denial of service, and by phone calls with malicious content.
Max CVSS
10.0
EPSS Score
3.56%
Published
2007-11-01
Updated
2017-07-29
The Vonage VoIP Telephone Adapter has a default administrator username "user" and password "user," which allows remote attackers to obtain administrative access.
Max CVSS
10.0
EPSS Score
1.00%
Published
2007-06-05
Updated
2018-10-16
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!