CVE-2002-0675 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2002-0675

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not require administrative privileges to perform a firmware upgrade, which allows unauthorized users to upgrade the phone.

Affected Software

Name	Vendor	Start Version	End Version
Xpressa	Pingtel	1.2.5 (including)	1.2.5 (including)
Xpressa	Pingtel	1.2.7.4 (including)	1.2.7.4 (including)

References

http://www.atstake.com/research/advisories/2002/a071202-1.txt
http://www.iss.net/security_center/static/9570.php
http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp
http://www.securityfocus.com/bid/5223
http://www.atstake.com/research/advisories/2002/a071202-1.txt
http://www.iss.net/security_center/static/9570.php
http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp
http://www.securityfocus.com/bid/5223