21 matches found
Cisco IP Phones Exposure of Sensitive Information to an Unauthorized Actor (CVE-2025-20336)
A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability exists because the product expose...
Cisco Desk/IP/Video Phone Denial of Service (cisco-sa-phone-dos-FPyjLV7A) (CVE-2025-20350)
According to its self-reported version, the remote Cisco Desk, IP, or Video Phone running SIP Software is affected by a denial of service vulnerability: - A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco S...
CVE-2025-20351
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI. This vulnerability exists because the web ...
EUVD-2019-10241
Malware in sbrugna...
CVE-2025-20335
A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to a lack of proper authenticatio...
CVE-2025-20336
CVE-2025-20336 affects Cisco Desk Phone 9800 Series, Cisco IP Phone 7800/8800 Series, and Cisco Video Phone 8875. The root cause is a directory permissions issue that can permit an unauthenticated, remote attacker to access sensitive information from the device. Exploitation requires Web Access t...
CVE-2024-20445
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper storage of sensitive...
CVE-2024-20445 Cisco IP Phone 7800, 8800, and 9800 Series Information Disclosure Vulnerability
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper storage of sensitive...
The vulnerability in the web interface of the microprogramming software for Cisco IP Phones 6800, 7800, and 8800 exists due to the possibility of inserting commands that allow a perpetrator to execute arbitrary code with root privileges.
The vulnerability of the web-based management interface for Microprogramming Software-based Cisco IP Phones 6800, Cisco IP Phone 7800, and Cisco IP Phone 8800 is related to the possibility of executing commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with...
PT-2023-1536
Name of the Vulnerable Software and Affected Versions Cisco IP Phone versions prior to the fixed version Description Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denia...
Cisco IP Phone 安全漏洞
Cisco IP Phone is a hardware device from the American company Cisco Cisco. IP Phone that provides calling capabilities. A security vulnerability exists in the Cisco IP Phone 7800 and 8800 Series that stems from insufficient validation of user-supplied input...
CVE-2022-20968
Affected product/versions: Cisco IP Phone 7800 and 8800 Series firmware (prior to 14.2(1)). Vulnerability: Cisco Discovery Protocol (CDP) processing feature accepts crafted CDP packets due to insufficient input validation, enabling an unauthenticated, adjacent attacker to trigger a stack overflow...
Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol Stack Overflow Vulnerability
A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device. This vulnerability is due to insufficient input validation of received Cisco...
Cisco IP Phone 缓冲区错误漏洞
Cisco IP Phone is a hardware device from the American company Cisco Cisco. IP Phone that provides calling capabilities. A buffer error vulnerability exists in the Cisco IP Phone 7800 and 8800 series, which stems from its firmware's Cisco Discovery Protocol that allows an unauthenticated,...
Cisco IP Phone 6800, 7800 and 8800 Series Cross-Site Scripting Vulnerability
The Cisco IP Phone 6800, 7800, and 8800 Series are all IP phone families. A cross-site scripting vulnerability exists in the web-based GUI in the Cisco IP Phone 6800, 7800, and 8800 Series using Multiplatform Firmware Release prior to 11.31, which stems from the GUI failing to adequately validate...
CVE-2019-1922
A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected phone. The vulnerability is due to insufficient validation of input Session Initiation Protocol S...
Input validation
A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected phone. The vulnerability is due to insufficient validation of input Session Initiation Protocol S...
CVE-2019-1922 Cisco IP Phone 7800 and 8800 Series Session Initiation Protocol Denial of Service Vulnerability
A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected phone. The vulnerability is due to insufficient validation of input Session Initiation Protocol S...
CVE-2019-1922
Cisco IP Phone 7800/8800 Series SIP handling is affected by a vulnerability in Cisco SIP IP Phone Software due to insufficient validation of SIP packets. An unauthenticated remote attacker can craft SIP replies during registration to trigger a DoS, causing the phone to reboot and fail registratio...
CVE-2019-1635
A vulnerability in the call-handling functionality of Session Initiation Protocol SIP Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service DoS condition...