Cisco Desk/IP/Video Phone Denial of Service (cisco-sa-phone-dos-FPyjLV7A) (CVE-2025-20350)

According to its self-reported version, the remote Cisco Desk, IP, or Video Phone running SIP Software is affected by a denial of service vulnerability: - A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco S...

EUVD-2007-6158

Malware in sbrugna...

EUVD-2014-0768

Malware in sbrugna...

Cisco IP Phone 信息泄露漏洞

Cisco IP Phone is a hardware device from the American company Cisco Cisco. IP Phone that provides calling capabilities. The Cisco IP Phone suffers from an information disclosure vulnerability that stems from improper storage of sensitive information in the Web UI of the Session Initiation Protoco...

PT-2024-8290

Name of the Vulnerable Software and Affected Versions Cisco IP Phone 6800 versions affected versions not specified Cisco IP Phone 7800 versions affected versions not specified Cisco IP Phone 8800 versions affected versions not specified Cisco Video Phone 8875 versions affected versions not...

The vulnerability in the web interface for controlling microprogrammed software-based Cisco IP Phones such as Cisco IP Phone 6800, Cisco IP Phone 7800, Cisco IP Phone 8800, and Cisco Video Phone 8875 allows a perpetrator to initiate telephone calls from the vulnerable device.

The vulnerability of the web-based management interface for Cisco IP Phones 6800, 7800, 8800, and Cisco Video Phone 8875 is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to initiate telephone calls from a vulnerable device using...

CVE-2024-20357

A vulnerability in the XML service of Cisco IP Phone firmware could allow an unauthenticated, remote attacker to initiate phone calls on an affected device. This vulnerability exists because bounds-checking does not occur while parsing XML requests. An attacker could exploit this vulnerability by...

Cisco IP Phone 安全漏洞

The Cisco IP Phone is a hardware device from the American company Cisco, Inc. IP Phone that provides calling capabilities. A security vulnerability exists in Cisco IP Phone that stems from parsing XML requests without boundary checking, which could allow an unauthenticated, remote attacker to...

CVE-2023-20265

A vulnerability in the web-based management interface of a small subset of Cisco IP Phones could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation ...

The vulnerability in the web interface for managing microprogrammed software in Cisco IP Phones 6800, Cisco IP Phone 7800, and Cisco IP Phone 8800 allows a perpetrator to cause a service failure.

The vulnerability of the web-based management interfaces for Cisco IP Phones 6800, 7800, and 8800 is related to the possibility of executing commands. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack

Cisco on Wednesday rolled out security updates to address a critical flaw impacting its IP Phone 6800, 7800, 7900, and 8800 Series products. The vulnerability, tracked as CVE-2023-20078, is rated 9.8 out of 10 on the CVSS scoring system and is described as a command injection bug in the web-based...

PT-2023-1536

Name of the Vulnerable Software and Affected Versions Cisco IP Phone versions prior to the fixed version Description Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denia...

PT-2023-1105 · Cisco · Cisco Ip Phone 8800 Series +1

Name of the Vulnerable Software and Affected Versions: Cisco IP Phone 7800 and 8800 Series Phones affected versions not specified Description: A vulnerability in the web-based management interface could allow an unauthenticated, remote attacker to bypass authentication on an affected device. This...

CVE-2022-20968

A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device. This vulnerability is due to insufficient input validation of received Cisco...

Cisco IP Phone 缓冲区错误漏洞

Cisco IP Phone is a hardware device from the American company Cisco Cisco. IP Phone that provides calling capabilities. A buffer error vulnerability exists in the Cisco IP Phone 7800 and 8800 series, which stems from its firmware's Cisco Discovery Protocol that allows an unauthenticated,...

The vulnerability of the command interface of Cisco IP Phone microprogramming software arises due to an incorrect restriction on the path to the restricted access directory. This allows a malicious individual to read any file in the device’s file system.

The vulnerability of the command interface of Cisco IP Phone microprogramming software exists due to an incorrect restriction on the path name to the restricted access directory. Exploiting this vulnerability could allow a attacker to read any file in the device’s file system...

The vulnerability of IP-Cisco IP Phone microprogramming software, related to the unencrypted storage of confidential information, allows attackers to gain unauthorized access to protected information.

The vulnerability of IP-Cisco IP phones related to microprogramming software involves the unencrypted storage of confidential information. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

VulnCheck KEV: CVE-2020-3161

Cisco IP Phones contain an improper input validation vulnerability for HTTP requests. Exploitation could allow an attacker to execute code remotely with root privileges or cause a denial-of-service DoS condition...

CVE-2021-34711

A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted input to a debug she...

Cisco IP Phone 路径遍历漏洞

Cisco IP Phone is a hardware device from the American company Cisco Cisco. IP Phone that provides calling capabilities. A path traversal vulnerability exists in Cisco IP Phone that stems from insufficient input validation. An attacker can exploit this vulnerability by providing crafted input to...