EUVD-2019-6263

Malware in sbrugna...

CVE-2022-20766 Cisco ATA 190 Series Analog Telephone Adapter firmware Cisco Discovery Protocol Denial of Service Vulnerability

A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive Telephone Adapter firmware could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to an out-of-bounds read when processing Cisco...

The vulnerability in the web interface for managing microprogramming software in Cisco Analog Telephone Adapter (ATA) Series 190 devices allows a perpetrator to view the passwords of arbitrary users.

The vulnerability in the web interface for managing microprogrammed software devices of Cisco Analog Telephone Adapter ATA series 190 involves the storage of passwords in a recoverable format. Exploiting this vulnerability allows an attacker to view the passwords of arbitrary users...

The vulnerability in the web interface for managing microprogramming software in Cisco Analog Telephone Adapter (ATA) Series 190 devices allows a perpetrator to perform CSRF attacks and carry out arbitrary actions.

The vulnerability in the web interface for managing microprogramming software in Cisco Analog Telephone Adapter ATA devices of the 190 series is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a remote attacker to execute a CSRF attack and perform arbitrar...

The vulnerability in the web interface of the microprogramming software for Cisco Analog Telephone Adapter (ATA) model 190 allows a perpetrator to make limited changes to the configuration or restart the device.

The vulnerability of the web interface for managing microprogrammed software in Cisco Analog Telephone Adapter ATA devices of the 190 series is related to the bypassing of authentication due to a root cause. Exploiting this vulnerability allows an attacker to make limited changes to the...

The vulnerability of the command-line interface of the microprogramming software for Cisco Analog Telephone Adapter (ATA) series 190 allows a perpetrator to execute arbitrary commands.

The vulnerability of the command-line interface of microprogramming software for Cisco Analog Telephone Adapter ATA series 190 devices exists due to the lack of measures taken to neutralize special elements used in the operating system’s command line. Exploiting this vulnerability allows an...

The vulnerability in the web interface of the microprogramming software for Cisco Analog Telephone Adapter (ATA) series 190 allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability of the web interface for managing microprogramming software in Cisco Analog Telephone Adapter ATA devices of the 190 series is related to the lack of measures taken to eliminate script-related HTML tags on the web page. Exploiting this vulnerability allows a malicious actor to...

The vulnerability in the web interface for managing microprogramming software in Cisco Analog Telephone Adapter (ATA) Series 190 devices allows a perpetrator to view or delete configurations or modify firmware.

The vulnerability of the web interface for managing microprogramming software in Cisco Analog Telephone Adapter ATA devices of the 190 series is related to the lack of authentication. Exploiting this vulnerability allows a malicious actor to view or delete configurations, or modify firmware using...

The vulnerability in the web interface for managing microprogrammed software devices of Cisco Analog Telephone Adapter (ATA) series 190 allows a perpetrator to execute commands on behalf of the Admin user.

The vulnerability of the web interface for managing microprogrammed software in Cisco Analog Telephone Adapter ATA devices of the 190 series is related to access control errors. Exploiting this vulnerability allows a malicious actor to execute commands on behalf of the Admin user by sending a...

CVE-2024-20462

A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local attacker with low privileges to view passwords on an affected device. This vulnerability is due to incorrect sanitization of HTML conte...

CVE-2024-20461

A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit...

CVE-2024-20421

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. This vulnerability is due to...

CVE-2024-20420

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an Admin user. This vulnerability is due to incorrect authorization verification by the HTTP server...

CVE-2024-20463

CVE-2024-20463 affects the Cisco ATA 190 Series Analog Telephone Adapter firmware. The vulnerability stems from the HTTP server permitting state changes via GET requests in the web-based management interface, allowing an unauthenticated, remote attacker to modify configuration and reboot the devi...

CVE-2024-20463 Cisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection and Denial of Service Vulnerability

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to modify the configuration or reboot an affected device. This vulnerability is due to the HTTP server allowing state changes in GET...

CVE-2024-20462 Cisco ATA 190 Series Analog Telephone Adapter Muliplatform Firmware Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local attacker with low privileges to view passwords on an affected device. This vulnerability is due to incorrect sanitization of HTML conte...

CVE-2024-20462

CVE-2024-20462 affects Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware. The issue arises from incorrect sanitization of HTML content in the web-based management interface, enabling an authenticated, local attacker with low privileges to view passwords of other users. The vuln...

CVE-2024-20461 Cisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection Vulnerability

A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit...

CVE-2024-20461

CVE-2024-20461 affects Cisco ATA 190 Series Analog Telephone Adapter firmware. The vulnerability stems from insufficient sanitization of CLI input, allowing an authenticated, local attacker with high privileges to execute arbitrary commands as root and potentially read/write the underlying OS. Co...

CVE-2024-20461 Cisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection Vulnerability

A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit...