Vulnerability in D-Link Phones Allows Unauthorized SIP Communication
CVE-2007-3347

Currently unrated

Key Information:

Vendor: D-link
Status: Dph-541; Dph-540
Vendor: CVE Published:; 22 June 2007

What is CVE-2007-3347?

The D-Link DPH-540 and DPH-541 phones have a vulnerability that lets remote attackers send SIP INVITE messages from unauthorized IP addresses. This flaw enables attackers to perform arbitrary SIP communication, potentially leading to phone spoofing and unauthorized use. By exploiting this vulnerability, an attacker can manipulate caller ID information, posing a risk to users' security and privacy.

References

http://www.sipera.com/index.php?action=resources%2Cthreat...

x_refsource_MISC

http://www.vupen.com/english/advisories/2007/2320

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/25803

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jun 22, 2007
Vulnerability Reserved
Jun 22, 2007

D-link

What is CVE-2007-3347?

References

Timeline