A SIP header injection vulnerability in enterprise VoIP systems allows attackers to inject malicious SIP headers that can lead to call redirection, eavesdropping, and toll fraud. The vulnerability exists in the SIP proxy server component.
Unauthorized call redirection, potential eavesdropping on voice communications, toll fraud through premium rate number redirection, and denial of service through malformed SIP message flooding.
Upgrade to version 8.3.1 which includes proper SIP header validation. Implement SIP message filtering at the network border. Monitor for unusual call patterns and unexpected toll charges.