VYPR
Critical severity9.8NVD Advisory· Published Aug 14, 2009· Updated Jun 16, 2026

CVE-2009-1048

CVE-2009-1048

Description

The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820 with firmware 6.5 before 6.5.20, 7.1 before 7.1.39, and 7.3 before 7.3.14 allows remote attackers to bypass authentication, and reconfigure the phone or make arbitrary use of the phone, via a (1) http or (2) https request with 127.0.0.1 in the Host header.

Affected products

10
  • cpe:2.3:o:snom:snom_300_firmware:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:snom:snom_300_firmware:*:*:*:*:*:*:*:*range: >=6.5,<6.5.20
    • cpe:2.3:o:snom:snom_820_firmware:*:*:*:*:*:*:*:*range: >=6.5,<6.5.20
  • cpe:2.3:o:snom:snom_320_firmware:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:snom:snom_320_firmware:*:*:*:*:*:*:*:*range: >=6.5,<6.5.20
    • cpe:2.3:o:snom:snom_370_firmware:*:*:*:*:*:*:*:*range: >=6.5,<6.5.20
  • cpe:2.3:o:snom:snom_360_firmware:*:*:*:*:*:*:*:*
    Range: >=6.5,<6.5.20
  • Range: <6.5.20
  • Snom/snom 300llm-fuzzy
    Range: <6.5.20
  • Snom/snom 360llm-fuzzy
    Range: <6.5.20
  • Snom/snom 370llm-fuzzy
    Range: <6.5.20
  • Snom/snom 820llm-fuzzy
    Range: <6.5.20

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.