VYPR

Gizmo

by Gizmo5

CVEs (2)

  • CVE-2009-5139HigFeb 12, 2020
    risk 0.49cvss 7.5epss 0.00

    The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue.

  • CVE-2009-2381Jul 8, 2009
    risk 0.00cvss epss 0.01

    Gizmo 3.1.0.79 on Linux does not verify a server's SSL certificate, which allows remote servers to obtain the credentials of arbitrary users via a spoofed certificate.