34 matches found
CVE-2022-20766
A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive Telephone Adapter firmware could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to an out-of-bounds read when processing Cisco...
CVE-2022-20766 Cisco ATA 190 Series Analog Telephone Adapter firmware Cisco Discovery Protocol Denial of Service Vulnerability
A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive Telephone Adapter firmware could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to an out-of-bounds read when processing Cisco...
The vulnerability in the web interface for managing microprogramming software in Cisco Analog Telephone Adapter (ATA) Series 190 devices allows a perpetrator to view or delete configurations or modify firmware.
The vulnerability of the web interface for managing microprogramming software in Cisco Analog Telephone Adapter ATA devices of the 190 series is related to the lack of authentication. Exploiting this vulnerability allows a malicious actor to view or delete configurations, or modify firmware using...
CVE-2024-20461
A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit...
CVE-2024-20460
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user. This vulnerability is due to insufficient validation of user input...
CVE-2024-20421
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. This vulnerability is due to...
CVE-2024-20421
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. This vulnerability is due to...
CVE-2024-20420
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an Admin user. This vulnerability is due to incorrect authorization verification by the HTTP server...
CVE-2024-20463 Cisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection and Denial of Service Vulnerability
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to modify the configuration or reboot an affected device. This vulnerability is due to the HTTP server allowing state changes in GET...
CVE-2024-20462 Cisco ATA 190 Series Analog Telephone Adapter Muliplatform Firmware Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local attacker with low privileges to view passwords on an affected device. This vulnerability is due to incorrect sanitization of HTML conte...
CVE-2024-20461
CVE-2024-20461 affects Cisco ATA 190 Series Analog Telephone Adapter firmware. The vulnerability stems from insufficient sanitization of CLI input, allowing an authenticated, local attacker with high privileges to execute arbitrary commands as root and potentially read/write the underlying OS. Co...
CVE-2024-20461 Cisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection Vulnerability
A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit...
CVE-2024-20460
CVE-2024-20460 affects Cisco ATA 190 Series Analog Telephone Adapter firmware. It’s a reflected XSS in the web-based management interface caused by insufficient input validation; an unauthenticated remote attacker can lure a user to click a crafted link to execute script in the interface or acces...
CVE-2024-20420 Cisco ATA 190 Series Analog Telephone Adapter Firmware Privilege Escalation Vulnerability
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an Admin user. This vulnerability is due to incorrect authorization verification by the HTTP server...
CVE-2024-20420
The CVE-2024-20420 entry concerns Cisco ATA 190 Series Analog Telephone Adapter firmware. The web-based management interface contains an HTTP server authorization verification flaw that could allow an authenticated, low-privilege remote attacker to execute commands with Admin privileges. Document...
CVE-2024-20420 Cisco ATA 190 Series Analog Telephone Adapter Firmware Privilege Escalation Vulnerability
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an Admin user. This vulnerability is due to incorrect authorization verification by the HTTP server...
PT-2024-7344 · Cisco · Cisco Ata 190 Series Analog Telephone Adapter
Name of the Vulnerable Software and Affected Versions: Cisco ATA 190 Series Analog Telephone Adapter firmware affected versions not specified Description: A vulnerability in the web-based management interface could allow an unauthenticated, remote attacker to conduct a cross-site request forgery...
PT-2024-7339 · Cisco · Cisco Ata 190 Series
Name of the Vulnerable Software and Affected Versions: Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, local attacker with low privileges to view...
PT-2024-7338 · Cisco · Cisco Ata 190 Series Analog Telephone Adapter
Name of the Vulnerable Software and Affected Versions: Cisco ATA 190 Series Analog Telephone Adapter affected versions not specified Description: The issue is related to a vulnerability in the web-based management interface of the Cisco ATA 190 Series Analog Telephone Adapter firmware. This...
Cisco Warns of Vulnerability in Popular Phone Adapter, Urges Migration to Newer Model
Cisco has warned of a critical security flaw in SPA112 2-Port Phone Adapters that it said could be exploited by a remote attacker to execute arbitrary code on affected devices. The issue, tracked as CVE-2023-20126, is rated 9.8 out of a maximum of 10 on the CVSS scoring system. The company credit...