VYPR

Spa941

by Linksys

CVEs (2)

  • CVE-2007-2270Apr 25, 2007
    risk 0.04cvss epss 0.09

    The Linksys SPA941 VoIP Phone allows remote attackers to cause a denial of service (device reboot) via a 0377 (0xff) character in the From header, and possibly certain other locations, in a SIP INVITE request.

  • CVE-2007-5411Oct 12, 2007
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows remote attackers to inject arbitrary web script or HTML via the From header in a SIP message.