CVE-2007-5791

The Vonage Motorola Phone Adapter VT 2142-VD does not properly verify that a SIP INVITE message originated from a legitimate server, which allows remote attackers to send spoofed INVITE messages, as demonstrated by a flood of messages triggering a denial of service, and by phone calls with malicious content.

Published: Nov 1, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-5791
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
vonage / motorola_phone_adapter_vt2142-vd	-	-

http://osvdb.org/38524
http://osvdb.org/38525
http://secunia.com/advisories/27380
http://www.securityfocus.com/bid/26129
http://www.sipera.com/index.php?action=resources,threat_advisory&tid=357
http://www.sipera.com/index.php?action=resources,threat_advisory&tid=360
http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=357
http://www.sipera.com/index.php?action=resources%2Cthreat_advisory&tid=360
https://exchange.xforce.ibmcloud.com/vulnerabilities/37416
https://exchange.xforce.ibmcloud.com/vulnerabilities/37420

Vulnerability Database

CVE-2007-5791