VYPR
Unrated severityNVD Advisory· Published Jun 22, 2007· Updated Jun 16, 2026

CVE-2007-3347

CVE-2007-3347

Description

The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are not from the Call Server's IP address, which allows remote attackers to engage in arbitrary SIP communication with the phone, as demonstrated by communication with forged caller ID.

Affected products

5
  • cpe:2.3:h:d-link:dph-540:1.00.03:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:h:d-link:dph-540:1.00.03:*:*:*:*:*:*:*
    • cpe:2.3:h:d-link:dph-540:1.00.14:*:*:*:*:*:*:*
    • cpe:2.3:h:d-link:dph-541:1.00.03:*:*:*:*:*:*:*
    • cpe:2.3:h:d-link:dph-541:1.00.14:*:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.