Unrestricted Access to PJSIP and SIP Extension Credentials and Voicemail Files in Telesoft VitalPBX
CVE-2022-29330 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Missing access control in the backup system of Telesoft VitalPBX before 3.2.1 allows attackers to access the PJSIP and SIP extension credentials, cryptographic keys and voicemails files via unspecified vectors.
Learn more about our Web Application Penetration Testing UK.