VYPR
Unrated severityNVD Advisory· Published Sep 13, 2004· Updated Jun 16, 2026

CVE-2004-1680

CVE-2004-1680

Description

application.cgi in the Pingtel Xpressa handset running firmware 2.1.11.24 allows remote authenticated users to cause a denial of service (VxWorks OS crash) via a long HTTP GET request, possibly triggering a buffer overflow.

Affected products

7
  • Pingtel/Xpressa7 versions
    cpe:2.3:h:pingtel:xpressa:1.2.5:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:h:pingtel:xpressa:1.2.5:*:*:*:*:*:*:*
    • cpe:2.3:h:pingtel:xpressa:1.2.7.4:*:*:*:*:*:*:*
    • cpe:2.3:h:pingtel:xpressa:1.2.8:*:*:*:*:*:*:*
    • cpe:2.3:h:pingtel:xpressa:2.0:*:*:*:*:*:*:*
    • cpe:2.3:h:pingtel:xpressa:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:h:pingtel:xpressa:2.1.11.24:*:*:*:*:*:*:*
    • (no CPE)range: = 2.1.11.24

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.