The Grandstream BudgeTone 200 IP phone, with program 1.1.1.14 and bootloader 1.1.1.5, allows remote malicious users to cause a denial of service (device crash) via SIP (1) INVITE, (2) CANCEL, or unspecified other messages with a WWW-Authenticate header containing a crafted Digest domain.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
grandstream budgetone 200 1.1.1.5 |
||
grandstream budgetone 200 1.1.1.14 |