Lucene search
K

41 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

Cisco IP Phones Exposure of Sensitive Information to an Unauthorized Actor (CVE-2025-20336)

A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability exists because the product expose...

7.5CVSS5.5AI score0.00349EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/05 3:32 p.m.5 views

EUVD-2025-26614

A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to a lack of proper authenticatio...

5.3CVSS6.4AI score0.00332EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/24 12:0 a.m.5 views

Cisco Desk/IP/Video Phone Denial of Service (cisco-sa-phone-dos-FPyjLV7A) (CVE-2025-20350)

According to its self-reported version, the remote Cisco Desk, IP, or Video Phone running SIP Software is affected by a denial of service vulnerability: - A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco S...

7.5CVSS6AI score0.00446EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/10/16 4:56 p.m.4 views

CVE-2025-20351

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI. This vulnerability exists because the web ...

6.1CVSS6.7AI score0.00262EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-10241

Malware in sbrugna...

6.5CVSS6.5AI score0.0064EPSS
Exploits0References3
OSV
OSV
added 2025/09/03 6:15 p.m.5 views

CVE-2025-20335

A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to a lack of proper authenticatio...

5.3CVSS5.9AI score0.00332EPSS
Exploits0References1
CVE
CVE
added 2025/09/03 5:41 p.m.24 views

CVE-2025-20336

CVE-2025-20336 affects Cisco Desk Phone 9800 Series, Cisco IP Phone 7800/8800 Series, and Cisco Video Phone 8875. The root cause is a directory permissions issue that can permit an unauthenticated, remote attacker to access sensitive information from the device. Exploitation requires Web Access t...

7.5CVSS6.1AI score0.00349EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/11/06 5:15 p.m.5 views

CVE-2024-20445

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper storage of sensitive...

5.3CVSS5.8AI score0.0045EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/06 4:29 p.m.14 views

CVE-2024-20445 Cisco IP Phone 7800, 8800, and 9800 Series Information Disclosure Vulnerability

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper storage of sensitive...

5.3CVSS0.0045EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/03/18 12:0 a.m.21 views

Cisco 8800 Series IP Phone Filesystem Permission Enforcement Unauthorized Access (CVE-2016-1435)

Cisco 8800 phones with software 11.01 do not properly enforce mounted-filesystem permissions, which allows local users to write to arbitrary files by leveraging shell access, aka Bug ID CSCuz03014. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot fo...

7CVSS7AI score0.00272EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/03/18 12:0 a.m.22 views

Cisco IP Phones 8800 Series Cross-Site Scripting (CVE-2016-1476)

Cross-site scripting XSS vulnerability on Cisco IP Phone 8800 devices with software 11.0 allows remote authenticated users to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCuz03024. This plugin only works with Tenable.ot. Please visit...

5.4CVSS5.6AI score0.00802EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/03/18 12:0 a.m.24 views

Cisco IP Phones 8800 Series Denial of Service (CVE-2017-12328)

A vulnerability in Session Initiation Protocol SIP call handling in Cisco IP Phone 8800 Series devices could allow an unauthenticated, remote attacker to cause a denial of service DoS condition because the SIP process unexpectedly restarts. All active phone calls are dropped as the SIP process...

5.8CVSS6AI score0.02133EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/03/18 12:0 a.m.19 views

Cisco IP Phones 8800 Series Denial of Service (CVE-2016-1479)

Cisco IP Phone 8800 devices with software 11.01 allow remote attackers to cause a denial of service memory corruption via a crafted HTTP request, aka Bug ID CSCuz03038. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

7.8CVSS7.3AI score0.02997EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/03/18 12:0 a.m.22 views

Cisco IP Phones 8800 Series Path Traversal (CVE-2019-1765)

A vulnerability in the web-based management interface of Session Initiation Protocol SIP Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. The vulnerability is due to insufficient input validation and file-level...

8.1CVSS7.5AI score0.01391EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/03/06 12:0 a.m.8 views

The vulnerability in the web interface of the microprogramming software for Cisco IP Phones 6800, 7800, and 8800 exists due to the possibility of inserting commands that allow a perpetrator to execute arbitrary code with root privileges.

The vulnerability of the web-based management interface for Microprogramming Software-based Cisco IP Phones 6800, Cisco IP Phone 7800, and Cisco IP Phone 8800 is related to the possibility of executing commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with...

10CVSS8.6AI score0.10351EPSS
Exploits0References2Affected Software3
Positive Technologies
Positive Technologies
added 2023/03/01 12:0 a.m.6 views

PT-2023-1536

Name of the Vulnerable Software and Affected Versions Cisco IP Phone versions prior to the fixed version Description Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denia...

10CVSS9.9AI score0.10351EPSS
Exploits0References12
CNNVD
CNNVD
added 2023/01/12 12:0 a.m.5 views

Cisco IP Phone 安全漏洞

Cisco IP Phone is a hardware device from the American company Cisco Cisco. IP Phone that provides calling capabilities. A security vulnerability exists in the Cisco IP Phone 7800 and 8800 Series that stems from insufficient validation of user-supplied input...

8.6CVSS6.4AI score0.00613EPSS
Exploits0References3
CVE
CVE
added 2022/12/08 4:13 p.m.136 views

CVE-2022-20968

Affected product/versions: Cisco IP Phone 7800 and 8800 Series firmware (prior to 14.2(1)). Vulnerability: Cisco Discovery Protocol (CDP) processing feature accepts crafted CDP packets due to insufficient input validation, enabling an unauthenticated, adjacent attacker to trigger a stack overflow...

8.8CVSS8.9AI score0.06355EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2022/12/08 4:0 p.m.67 views

Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol Stack Overflow Vulnerability

A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device. This vulnerability is due to insufficient input validation of received Cisco...

8.1CVSS9AI score0.06355EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/12/08 12:0 a.m.3 views

Cisco IP Phone 缓冲区错误漏洞

Cisco IP Phone is a hardware device from the American company Cisco Cisco. IP Phone that provides calling capabilities. A buffer error vulnerability exists in the Cisco IP Phone 7800 and 8800 series, which stems from its firmware's Cisco Discovery Protocol that allows an unauthenticated,...

8.8CVSS9.1AI score0.06355EPSS
Exploits0References6
Rows per page
Query Builder