7.6 High
AI Score
Confidence
High
0.012 Low
EPSS
Percentile
85.2%
The PhonerLite phone before 2.15 provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a “SIP Digest Leak” issue.
seclists.org/bugtraq/2014/Mar/185