Pingtel: >> Xpressa Firmware Security Vulnerabilities
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verify the integrity of the applications, which could allow remote attackers to install Trojan horse applications via DNS spoofing.
CVSS Score
9.8
EPSS Score
0.005
Published
2002-07-23