Lucene search
K

34 matches found

NVD
NVD
added 2024/11/15 4:15 p.m.9 views

CVE-2022-20766

A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive Telephone Adapter firmware could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to an out-of-bounds read when processing Cisco...

5.3CVSS0.00824EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/15 3:35 p.m.25 views

CVE-2022-20766 Cisco ATA 190 Series Analog Telephone Adapter firmware Cisco Discovery Protocol Denial of Service Vulnerability

A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive Telephone Adapter firmware could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to an out-of-bounds read when processing Cisco...

5.3CVSS0.00824EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/10/29 12:0 a.m.6 views

The vulnerability in the web interface for managing microprogramming software in Cisco Analog Telephone Adapter (ATA) Series 190 devices allows a perpetrator to view or delete configurations or modify firmware.

The vulnerability of the web interface for managing microprogramming software in Cisco Analog Telephone Adapter ATA devices of the 190 series is related to the lack of authentication. Exploiting this vulnerability allows a malicious actor to view or delete configurations, or modify firmware using...

8.5CVSS5.5AI score0.00713EPSS
Exploits0References3Affected Software3
OSV
OSV
added 2024/10/16 5:15 p.m.2 views

CVE-2024-20461

A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit...

6CVSS6AI score0.00181EPSS
Exploits0References1
OSV
OSV
added 2024/10/16 5:15 p.m.3 views

CVE-2024-20460

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user. This vulnerability is due to insufficient validation of user input...

6.1CVSS6AI score0.0031EPSS
Exploits0References1
NVD
NVD
added 2024/10/16 5:15 p.m.22 views

CVE-2024-20421

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. This vulnerability is due to...

7.1CVSS0.00235EPSS
Exploits0References1
OSV
OSV
added 2024/10/16 5:15 p.m.3 views

CVE-2024-20421

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. This vulnerability is due to...

6.5CVSS5.8AI score0.00235EPSS
Exploits0References1
NVD
NVD
added 2024/10/16 5:15 p.m.17 views

CVE-2024-20420

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an Admin user. This vulnerability is due to incorrect authorization verification by the HTTP server...

8.8CVSS0.00363EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/16 4:16 p.m.14 views

CVE-2024-20463 Cisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection and Denial of Service Vulnerability

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to modify the configuration or reboot an affected device. This vulnerability is due to the HTTP server allowing state changes in GET...

5.4CVSS7.5AI score0.00342EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/16 4:16 p.m.11 views

CVE-2024-20462 Cisco ATA 190 Series Analog Telephone Adapter Muliplatform Firmware Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local attacker with low privileges to view passwords on an affected device. This vulnerability is due to incorrect sanitization of HTML conte...

5.5CVSS6.7AI score0.00157EPSS
Exploits0References1
CVE
CVE
added 2024/10/16 4:16 p.m.50 views

CVE-2024-20461

CVE-2024-20461 affects Cisco ATA 190 Series Analog Telephone Adapter firmware. The vulnerability stems from insufficient sanitization of CLI input, allowing an authenticated, local attacker with high privileges to execute arbitrary commands as root and potentially read/write the underlying OS. Co...

6CVSS6.2AI score0.00181EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/10/16 4:16 p.m.24 views

CVE-2024-20461 Cisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection Vulnerability

A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit...

6CVSS0.00181EPSS
Exploits0References1
CVE
CVE
added 2024/10/16 4:16 p.m.43 views

CVE-2024-20460

CVE-2024-20460 affects Cisco ATA 190 Series Analog Telephone Adapter firmware. It’s a reflected XSS in the web-based management interface caused by insufficient input validation; an unauthenticated remote attacker can lure a user to click a crafted link to execute script in the interface or acces...

6.1CVSS6AI score0.0031EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/16 4:15 p.m.14 views

CVE-2024-20420 Cisco ATA 190 Series Analog Telephone Adapter Firmware Privilege Escalation Vulnerability

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an Admin user. This vulnerability is due to incorrect authorization verification by the HTTP server...

5.4CVSS7.4AI score0.00363EPSS
Exploits0References1
CVE
CVE
added 2024/10/16 4:15 p.m.56 views

CVE-2024-20420

The CVE-2024-20420 entry concerns Cisco ATA 190 Series Analog Telephone Adapter firmware. The web-based management interface contains an HTTP server authorization verification flaw that could allow an authenticated, low-privilege remote attacker to execute commands with Admin privileges. Document...

8.8CVSS6AI score0.00363EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/10/16 4:15 p.m.28 views

CVE-2024-20420 Cisco ATA 190 Series Analog Telephone Adapter Firmware Privilege Escalation Vulnerability

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an Admin user. This vulnerability is due to incorrect authorization verification by the HTTP server...

5.4CVSS0.00363EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/16 12:0 a.m.5 views

PT-2024-7344 · Cisco · Cisco Ata 190 Series Analog Telephone Adapter

Name of the Vulnerable Software and Affected Versions: Cisco ATA 190 Series Analog Telephone Adapter firmware affected versions not specified Description: A vulnerability in the web-based management interface could allow an unauthenticated, remote attacker to conduct a cross-site request forgery...

8.5CVSS7.5AI score0.00235EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/10/16 12:0 a.m.12 views

PT-2024-7339 · Cisco · Cisco Ata 190 Series

Name of the Vulnerable Software and Affected Versions: Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, local attacker with low privileges to view...

5.5CVSS6.5AI score0.00157EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/10/16 12:0 a.m.6 views

PT-2024-7338 · Cisco · Cisco Ata 190 Series Analog Telephone Adapter

Name of the Vulnerable Software and Affected Versions: Cisco ATA 190 Series Analog Telephone Adapter affected versions not specified Description: The issue is related to a vulnerability in the web-based management interface of the Cisco ATA 190 Series Analog Telephone Adapter firmware. This...

8.5CVSS7.3AI score0.00342EPSS
Exploits0References7
The Hacker News
The Hacker News
added 2023/05/05 5:16 a.m.36 views

Cisco Warns of Vulnerability in Popular Phone Adapter, Urges Migration to Newer Model

Cisco has warned of a critical security flaw in SPA112 2-Port Phone Adapters that it said could be exploited by a remote attacker to execute arbitrary code on affected devices. The issue, tracked as CVE-2023-20126, is rated 9.8 out of a maximum of 10 on the CVSS scoring system. The company credit...

8AI score0.38148EPSS
Exploits1
Rows per page
Query Builder