41 matches found
Cisco IP Phones Exposure of Sensitive Information to an Unauthorized Actor (CVE-2025-20336)
A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability exists because the product expose...
EUVD-2025-26614
A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to a lack of proper authenticatio...
Cisco Desk/IP/Video Phone Denial of Service (cisco-sa-phone-dos-FPyjLV7A) (CVE-2025-20350)
According to its self-reported version, the remote Cisco Desk, IP, or Video Phone running SIP Software is affected by a denial of service vulnerability: - A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco S...
CVE-2025-20351
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI. This vulnerability exists because the web ...
EUVD-2019-10241
Malware in sbrugna...
CVE-2025-20335
A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to a lack of proper authenticatio...
CVE-2025-20336
CVE-2025-20336 affects Cisco Desk Phone 9800 Series, Cisco IP Phone 7800/8800 Series, and Cisco Video Phone 8875. The root cause is a directory permissions issue that can permit an unauthenticated, remote attacker to access sensitive information from the device. Exploitation requires Web Access t...
CVE-2024-20445
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper storage of sensitive...
CVE-2024-20445 Cisco IP Phone 7800, 8800, and 9800 Series Information Disclosure Vulnerability
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper storage of sensitive...
Cisco 8800 Series IP Phone Filesystem Permission Enforcement Unauthorized Access (CVE-2016-1435)
Cisco 8800 phones with software 11.01 do not properly enforce mounted-filesystem permissions, which allows local users to write to arbitrary files by leveraging shell access, aka Bug ID CSCuz03014. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot fo...
Cisco IP Phones 8800 Series Cross-Site Scripting (CVE-2016-1476)
Cross-site scripting XSS vulnerability on Cisco IP Phone 8800 devices with software 11.0 allows remote authenticated users to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCuz03024. This plugin only works with Tenable.ot. Please visit...
Cisco IP Phones 8800 Series Denial of Service (CVE-2017-12328)
A vulnerability in Session Initiation Protocol SIP call handling in Cisco IP Phone 8800 Series devices could allow an unauthenticated, remote attacker to cause a denial of service DoS condition because the SIP process unexpectedly restarts. All active phone calls are dropped as the SIP process...
Cisco IP Phones 8800 Series Denial of Service (CVE-2016-1479)
Cisco IP Phone 8800 devices with software 11.01 allow remote attackers to cause a denial of service memory corruption via a crafted HTTP request, aka Bug ID CSCuz03038. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Cisco IP Phones 8800 Series Path Traversal (CVE-2019-1765)
A vulnerability in the web-based management interface of Session Initiation Protocol SIP Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem. The vulnerability is due to insufficient input validation and file-level...
The vulnerability in the web interface of the microprogramming software for Cisco IP Phones 6800, 7800, and 8800 exists due to the possibility of inserting commands that allow a perpetrator to execute arbitrary code with root privileges.
The vulnerability of the web-based management interface for Microprogramming Software-based Cisco IP Phones 6800, Cisco IP Phone 7800, and Cisco IP Phone 8800 is related to the possibility of executing commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with...
PT-2023-1536
Name of the Vulnerable Software and Affected Versions Cisco IP Phone versions prior to the fixed version Description Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denia...
Cisco IP Phone 安全漏洞
Cisco IP Phone is a hardware device from the American company Cisco Cisco. IP Phone that provides calling capabilities. A security vulnerability exists in the Cisco IP Phone 7800 and 8800 Series that stems from insufficient validation of user-supplied input...
CVE-2022-20968
Affected product/versions: Cisco IP Phone 7800 and 8800 Series firmware (prior to 14.2(1)). Vulnerability: Cisco Discovery Protocol (CDP) processing feature accepts crafted CDP packets due to insufficient input validation, enabling an unauthenticated, adjacent attacker to trigger a stack overflow...
Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol Stack Overflow Vulnerability
A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device. This vulnerability is due to insufficient input validation of received Cisco...
Cisco IP Phone 缓冲区错误漏洞
Cisco IP Phone is a hardware device from the American company Cisco Cisco. IP Phone that provides calling capabilities. A buffer error vulnerability exists in the Cisco IP Phone 7800 and 8800 series, which stems from its firmware's Cisco Discovery Protocol that allows an unauthenticated,...