CVE-2023-25437

2023-04-2700:00:00

mitre

www.cve.org

vtech vcs754

privileged escalation

cleartext passwords

AI Score

8.9

Confidence

High

EPSS

0.001

Percentile

44.3%

JSON

An issue was discovered in vTech VCS754 version 1.1.1.A before 1.1.1.H, allows attackers to gain escalated privileges and gain sensitive information due to cleartext passwords passed in the raw HTML.

References

i.imgur.com/aDuiY8q.png

yechiel.xyz/vulnerability-in-vtechs-vcs754a-business-phones-exposes-sip-credentials