17 matches found
EUVD-2019-10513
Malware in sbrugna...
CVE-2023-20126
A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An...
Authentication flaw
A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An...
The vulnerability in the web interface of Cisco SPA112 dual-port telephone adapters allows a hacker to execute arbitrary code.
The vulnerability of the web-based management interface for Cisco SPA112 dual-port telephone adapters is related to the absence of authentication for a critical function. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code by loading a specially crafted...
Cisco SPA112 2-Port Phone Adapter 访问控制错误漏洞
The Cisco SPA112 2-Port Phone Adapter is a phone adapter from Cisco USA. A security vulnerability exists in the Cisco SPA112 2-Port Phone Adapters, which stems from the lack of an authentication process in the firmware upgrade feature, and could allow an attacker to execute arbitrary code with fu...
CVE-2023-20126
A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An...
PT-2023-2522 · Cisco · Cisco Ata 190 +1
Name of the Vulnerable Software and Affected Versions: Cisco SPA112 versions affected versions not specified Description: A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an...
The vulnerability of the web interface of the Cisco SPA112 IP phone allows attackers to perform cross-site scripting attacks.
The vulnerability of the web interface for processing Cisco SPA112 IP-telephone certificates exists due to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...
CVE-2019-1956
A vulnerability in the web-based interface of the Cisco SPA112 2-Port Phone Adapter could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the device. The vulnerability is due to insufficient validation of user-supplied input by the...
CVE-2019-1956
A vulnerability in the web-based interface of the Cisco SPA112 2-Port Phone Adapter could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the device. The vulnerability is due to insufficient validation of user-supplied input by the...
Cross site scripting
A vulnerability in the web-based interface of the Cisco SPA112 2-Port Phone Adapter could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the device. The vulnerability is due to insufficient validation of user-supplied input by the...
CVE-2019-1956 Cisco SPA112 2-Port Phone Adapter Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based interface of the Cisco SPA112 2-Port Phone Adapter could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the device. The vulnerability is due to insufficient validation of user-supplied input by the...
Cisco SPA112 2-Port Phone Adapter Cross-Site Scripting Vulnerability
The Cisco SPA112 2-Port Phone Adapter is a phone adapter from Cisco USA. A cross-site scripting vulnerability in the Cisco SPA112 2-Port Phone Adapter with firmware prior to version 1.4.1SR4, which arises from a program that fails to adequately validate user-submitted input, can be exploited by a...
PT-2019-3146 · Cisco · Cisco Spa112
Name of the Vulnerable Software and Affected Versions: Cisco SPA112 2-Port Phone Adapter affected versions not specified Description: The issue is related to insufficient validation of user-supplied input by the web-based interface of the affected device, allowing an authenticated, remote attacke...
Input validation
A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote attacker to listen to or control some aspects of a Transport Level Security TLS-encrypted Session Initiation Protocol SIP conversation. The...
CVE-2019-1683
A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote attacker to listen to or control some aspects of a Transport Level Security TLS-encrypted Session Initiation Protocol SIP conversation. The...
Cisco SPA112, SPA525, and SPA5X5 Series Certificate Validation Vulnerabilities
Cisco SPA112 Series and so on are the products of Cisco Company in the United States.Cisco SPA112 Series is a SPA112 series IP phone.SPA525 Series is a SPA525 series IP phone.SPA5X5 Series is a SPA5X5 series IP phone.Cisco SPA112 Series is a SPA112 series IP phone.SPA525 Series is a SPA525 series...