11 matches found
The vulnerability in the web interface for managing microprogrammed software in Cisco SPA100 Series IP phones allows a perpetrator to execute arbitrary code with elevated privileges.
The vulnerability in the web interface for managing Microprogramming software in Cisco SPA100 Series IP phones is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with elevated privileges using a...
The vulnerability in the web interface for managing microprogrammed software in Cisco SPA100 Series IP phones allows a perpetrator to execute arbitrary code with elevated privileges.
The vulnerability in the web interface for managing Microprogramming-based IP phones of the Cisco SPA100 Series is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with elevated privileges using a...
Cisco SPA ATA Web Interface Detection
Binary data ciscospawebdetection.nbin...
Cisco SPA ATA SIP Detection
Binary data ciscospasipdetection.nbin...
Cisco SPA100 Information Leakage Vulnerability
The Cisco SPA100 Series is an analog phone adapter from Cisco that allows your standard analog phone to access Internet telephony services through an RJ-11 phone port. A management credential information leakage vulnerability exists in the web-based management interface of Cisco SPA100 Series 1.4...
CVE-2017-12271
A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery CSRF protection. An attacker could exploit this vulnerability by tricking...
CVE-2017-12260
A vulnerability in the implementation of Session Initiation Protocol SIP functionality in Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service DoS...
Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones Denial of Service Vulnerability
The Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones are IP telephony products from Cisco USA. A denial of service vulnerability exists in the implementation of the Session Initiation Protocol SIP feature in the Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones, whi...
CVE-2017-12219
A vulnerability in the handling of IP fragments for the Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service DoS condition. The vulnerability is due to the...
CVE-2016-1469
The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service device outage via a series of malformed HTTP requests, aka Bug ID CSCut67385...
Cross site scripting
Cross-site scripting XSS vulnerability in the SIP implementation on the Cisco SPA8000 and SPA8800 before 6.1.11, SPA2102 and SPA3102 before 5.2.13, and SPA 500 series IP phones before 7.4.9 allows remote attackers to inject arbitrary web script or HTML via the FROM field of an INVITE message, aka...