Every CVE whose affected-product data names Pingtel Xpressa, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2002-0667 — CVSS 10.0 (critical): Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 has a default null administrator password, which could allow remote…
CVE-2002-0668 — CVSS 7.5 (high): The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows authenticated users to modify the Call…
CVE-2002-0670 — CVSS 7.5 (high): The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 uses Base64 encoded usernames and passwords for…
CVE-2002-0674 — CVSS 7.2 (high): Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not "time out" an inactive administrator session, which could…
CVE-2004-1680 — CVSS 5.0 (medium): application.cgi in the Pingtel Xpressa handset running firmware 2.1.11.24 allows remote authenticated users to cause a denial of service…
CVE-2002-0669 — CVSS 5.0 (medium): The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows administrators to cause a denial of…
CVE-2002-1934 — CVSS 5.0 (medium): Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 2.0.1 leaks sensitive information during boot-up, which allows attackers to…
CVE-2002-1935 — CVSS 5.0 (medium): Pingtel Xpressa 1.2.5 through 2.0.1 uses predictable (1) Call-ID, (2) CSeq, and (3) "To" and "From" SIP URL values in a Session…
CVE-2002-0672 — CVSS 4.6 (medium): Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to restore the phone to factory…
CVE-2002-0673 — CVSS 4.6 (medium): The enrollment process for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to the…
CVE-2002-0675 — CVSS 4.6 (medium): Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not require administrative privileges to perform a firmware…