Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

Cisco IP Phones Exposure of Sensitive Information to an Unauthorized Actor (CVE-2025-20336)

A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability exists because the product expose...

7.5CVSS5.5AI score0.00349EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/24 12:0 a.m.5 views

Cisco Desk/IP/Video Phone Denial of Service (cisco-sa-phone-dos-FPyjLV7A) (CVE-2025-20350)

According to its self-reported version, the remote Cisco Desk, IP, or Video Phone running SIP Software is affected by a denial of service vulnerability: - A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco S...

7.5CVSS6AI score0.00446EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/10/16 4:56 p.m.4 views

CVE-2025-20351

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI. This vulnerability exists because the web ...

6.1CVSS6.7AI score0.00262EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-10241

Malware in sbrugna...

6.5CVSS6.5AI score0.0064EPSS
Exploits0References3
OSV
OSV
added 2025/09/03 6:15 p.m.5 views

CVE-2025-20335

A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to a lack of proper authenticatio...

5.3CVSS5.9AI score0.00332EPSS
Exploits0References1
CVE
CVE
added 2025/09/03 5:41 p.m.24 views

CVE-2025-20336

CVE-2025-20336 affects Cisco Desk Phone 9800 Series, Cisco IP Phone 7800/8800 Series, and Cisco Video Phone 8875. The root cause is a directory permissions issue that can permit an unauthenticated, remote attacker to access sensitive information from the device. Exploitation requires Web Access t...

7.5CVSS6.1AI score0.00349EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/11/06 5:15 p.m.5 views

CVE-2024-20445

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper storage of sensitive...

5.3CVSS5.8AI score0.0045EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/06 4:29 p.m.14 views

CVE-2024-20445 Cisco IP Phone 7800, 8800, and 9800 Series Information Disclosure Vulnerability

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper storage of sensitive...

5.3CVSS0.0045EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/03/06 12:0 a.m.8 views

The vulnerability in the web interface of the microprogramming software for Cisco IP Phones 6800, 7800, and 8800 exists due to the possibility of inserting commands that allow a perpetrator to execute arbitrary code with root privileges.

The vulnerability of the web-based management interface for Microprogramming Software-based Cisco IP Phones 6800, Cisco IP Phone 7800, and Cisco IP Phone 8800 is related to the possibility of executing commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with...

10CVSS8.6AI score0.10351EPSS
Exploits0References2Affected Software3
Positive Technologies
Positive Technologies
added 2023/03/01 12:0 a.m.6 views

PT-2023-1536

Name of the Vulnerable Software and Affected Versions Cisco IP Phone versions prior to the fixed version Description Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denia...

10CVSS9.9AI score0.10351EPSS
Exploits0References12
CNNVD
CNNVD
added 2023/01/12 12:0 a.m.5 views

Cisco IP Phone 安全漏洞

Cisco IP Phone is a hardware device from the American company Cisco Cisco. IP Phone that provides calling capabilities. A security vulnerability exists in the Cisco IP Phone 7800 and 8800 Series that stems from insufficient validation of user-supplied input...

8.6CVSS6.4AI score0.00613EPSS
Exploits0References3
CVE
CVE
added 2022/12/08 4:13 p.m.136 views

CVE-2022-20968

Affected product/versions: Cisco IP Phone 7800 and 8800 Series firmware (prior to 14.2(1)). Vulnerability: Cisco Discovery Protocol (CDP) processing feature accepts crafted CDP packets due to insufficient input validation, enabling an unauthenticated, adjacent attacker to trigger a stack overflow...

8.8CVSS8.9AI score0.06355EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2022/12/08 4:0 p.m.67 views

Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol Stack Overflow Vulnerability

A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device. This vulnerability is due to insufficient input validation of received Cisco...

8.1CVSS9AI score0.06355EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/12/08 12:0 a.m.3 views

Cisco IP Phone 缓冲区错误漏洞

Cisco IP Phone is a hardware device from the American company Cisco Cisco. IP Phone that provides calling capabilities. A buffer error vulnerability exists in the Cisco IP Phone 7800 and 8800 series, which stems from its firmware's Cisco Discovery Protocol that allows an unauthenticated,...

8.8CVSS9.1AI score0.06355EPSS
Exploits0References6
CNVD
CNVD
added 2020/01/09 12:0 a.m.6 views

Cisco IP Phone 6800, 7800 and 8800 Series Cross-Site Scripting Vulnerability

The Cisco IP Phone 6800, 7800, and 8800 Series are all IP phone families. A cross-site scripting vulnerability exists in the web-based GUI in the Cisco IP Phone 6800, 7800, and 8800 Series using Multiplatform Firmware Release prior to 11.31, which stems from the GUI failing to adequately validate...

5.4CVSS6.5AI score0.00633EPSS
Exploits0References1
NVD
NVD
added 2019/07/06 2:15 a.m.14 views

CVE-2019-1922

A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected phone. The vulnerability is due to insufficient validation of input Session Initiation Protocol S...

7.8CVSS6.3AI score0.01317EPSS
Exploits0References1
Prion
Prion
added 2019/07/06 2:15 a.m.19 views

Input validation

A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected phone. The vulnerability is due to insufficient validation of input Session Initiation Protocol S...

7.8CVSS7.5AI score0.01317EPSS
Exploits0References1Affected Software7
Cvelist
Cvelist
added 2019/07/06 1:25 a.m.19 views

CVE-2019-1922 Cisco IP Phone 7800 and 8800 Series Session Initiation Protocol Denial of Service Vulnerability

A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected phone. The vulnerability is due to insufficient validation of input Session Initiation Protocol S...

5.3CVSS7.5AI score0.01317EPSS
Exploits0References1
CVE
CVE
added 2019/07/06 1:25 a.m.442 views

CVE-2019-1922

Cisco IP Phone 7800/8800 Series SIP handling is affected by a vulnerability in Cisco SIP IP Phone Software due to insufficient validation of SIP packets. An unauthenticated remote attacker can craft SIP replies during registration to trigger a DoS, causing the phone to reboot and fail registratio...

7.8CVSS6.3AI score0.01317EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/05/03 3:29 p.m.8 views

CVE-2019-1635

A vulnerability in the call-handling functionality of Session Initiation Protocol SIP Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service DoS condition...

7.5CVSS7.1AI score0.01967EPSS
Exploits0References1
Rows per page
Query Builder