We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-39220



Description

BAS-IP AV-01D, AV-01MD, AV-01MFD, AV-01ED, AV-01KD, AV-01BD, AV-01KBD, AV-02D, AV-02IDE, AV-02IDR, AV-02IPD, AV-02FDE, AV-02FDR, AV-03D, AV-03BD, AV-04AFD, AV-04ASD, AV-04FD, AV-04SD, AV-05FD, AV-05SD, AA-07BD, AA-07BDI, BA-04BD, BA-04MD, BA-08BD, BA-08MD, BA-12BD, BA-12MD, CR-02BD before firmware v3.9.2 allows authenticated attackers to read SIP account passwords via a crafted GET request.

Reserved 2024-06-21 | Published 2024-07-03 | Updated 2024-08-02 | Assigner mitre

References

bas-ip.com/bsa-000001

github.com/DrieVlad/BAS-IP-vulnerabilities

cve.org (CVE-2024-39220)

nvd.nist.gov (CVE-2024-39220)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2024-39220

Support options

Helpdesk Chat, Email, Knowledgebase