28 matches found
Cisco IP Phones Exposure of Sensitive Information to an Unauthorized Actor (CVE-2025-20336)
A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability exists because the product expose...
EUVD-2025-26614
A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to a lack of proper authenticatio...
EUVD-2020-24689
Malware in sbrugna...
EUVD-2020-24760
Malware in sbrugna...
CVE-2025-20335
A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to a lack of proper authenticatio...
CVE-2025-20336 Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Information Disclosure Vulnerability
A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability exists because the product expose...
CVE-2025-20336
CVE-2025-20336 affects Cisco Desk Phone 9800 Series, Cisco IP Phone 7800/8800 Series, and Cisco Video Phone 8875. The root cause is a directory permissions issue that can permit an unauthenticated, remote attacker to access sensitive information from the device. Exploitation requires Web Access t...
CVE-2024-20445
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper storage of sensitive...
CVE-2024-20445 Cisco IP Phone 7800, 8800, and 9800 Series Information Disclosure Vulnerability
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper storage of sensitive...
CVE-2022-20683
CVE-2022-20683 describes a DoS vulnerability in Cisco IOS XE Software for the Catalyst 9800 Series Wireless Controllers, triggered by crafted packets processed by the AVC-FNF (Application Visibility and Control) feature. Root cause: insufficient packet verification during AVC inspection. Impact: ...
Cisco IOS XE Software for Catalyst 9800 Series DoS (cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX)
According to its self-reported version, Cisco IOS XE Software is affected by a DoS vulnerability in the Flexible NetFlow Version 9 packet processor due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An unauthenticated, remote attacker could cause a DoS...
The vulnerability in the implementation of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol for the Cisco IOS XE operating system on Cisco Catalyst 9800 Series network devices allows a attacker to cause service interruptions.
The vulnerability of the Control and Provisioning of Wireless Access Points CAPWAP implementation for the Cisco IOS XE operating system on Cisco Catalyst 9800 Series network devices is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to...
Cisco IOS XE Denial of Service Vulnerability (CNVD-2021-43453)
Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial-of-service vulnerability exists in Cisco IOS XE's Control and Configuration of Access Points over Wireless CAPWAP protocol processing used by the Cisco Catalyst 9800 seri...
Cisco IOS XE Denial of Service Vulnerability (CNVD-2021-43452)
Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial-of-service vulnerability exists in Cisco IOS XE's Control and Configuration of Access Points over Wireless CAPWAP protocol processing used by the Cisco Catalyst 9800 seri...
Cisco IOS XE Denial of Service Vulnerability (CNVD-2021-43451)
Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial-of-service vulnerability exists in Cisco IOS XE's Control and Configuration of Access Points over Wireless CAPWAP protocol processing used by the Cisco Catalyst 9800 seri...
CVE-2020-3418
A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9800 Series Routers could allow an unauthenticated, adjacent attacker to send ICMPv6 traffic prior to the client being placed into RUN state. The vulnerability is due to an incomplete access control list ACL being...
Input validation
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points CAPWAP protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition of an affected...
CVE-2020-3418 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family Improper Access Control Vulnerability
A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9800 Series Routers could allow an unauthenticated, adjacent attacker to send ICMPv6 traffic prior to the client being placed into RUN state. The vulnerability is due to an incomplete access control list ACL being...
CVE-2020-3486 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerabilities
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points CAPWAP protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition of an affected...
CVE-2020-3488 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerabilities
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points CAPWAP protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition of an affected...