Base64 Encoded Credentials Vulnerability in Pingtel xpressa SIP-based Voice-over-IP Phone
CVE-2002-0670 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 uses Base64 encoded usernames and passwords for HTTP basic authentication, which allows remote attackers to steal and easily decode the passwords via sniffing.
Learn more about our Web App Pen Testing.