Published: 21/03/2007 Updated: 29/07/2017

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

VMScore: 785

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

The Grandstream BudgeTone 200 IP phone, with program 1.1.1.14 and bootloader 1.1.1.5, allows remote malicious users to cause a denial of service (device crash) via SIP (1) INVITE, (2) CANCEL, or unspecified other messages with a WWW-Authenticate header containing a crafted Digest domain.

Vulnerable Product	Search on Vulmon	Subscribe to Product
grandstream budgetone 200 1.1.1.5
grandstream budgetone 200 1.1.1.14

#!/usr/bin/perl # MADYNES Security Advisory # madynesloriafr # # Title: Grandstream Budge Tone-200 denial of service vulnerability # # Release Date: 21/03/2007 # # Severity: High - Denial of Service # # Advisory ID:KIPH3 # # Hardware: Grandstream Budge Tone-200 IP Phone # wwwgrandstreamcom/consumerphoneshtml # # Aff ...

NVD-CWE-Other http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/053099.html http://secunia.com/advisories/24538 http://www.securityfocus.com/bid/23075 http://www.securitytracker.com/id?1017804 http://osvdb.org/34347 http://www.vupen.com/english/advisories/2007/1054 https://exchange.xforce.ibmcloud.com/vulnerabilities/33108 https://nvd.nist.gov https://www.exploit-db.com/exploits/3535/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-1590

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect