Security Advisory

CVE-2018-18871

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-12-20 21:00:00

Last updated 2024-08-05 11:23:08

Assigner mitre

State PUBLISHED

Description

Missing password verification in the web interface on Gigaset Maxwell Basic VoIP phones with firmware 2.22.7 would allow a remote attacker (in the same network as the device) to change the admin password without authentication (and without knowing the original password).

← Browse all CVEs View on cve.org ↗