Unrestricted Access to PJSIP and SIP Extension Credentials and Voicemail Files in Telesoft VitalPBX

Unrestricted Access to PJSIP and SIP Extension Credentials and Voicemail Files in Telesoft VitalPBX

CVE-2022-29330 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Missing access control in the backup system of Telesoft VitalPBX before 3.2.1 allows attackers to access the PJSIP and SIP extension credentials, cryptographic keys and voicemails files via unspecified vectors.

Learn more about our Web Application Penetration Testing UK.