Lucene search
K

11 matches found

BDU FSTEC
BDU FSTEC
added 2019/10/24 12:0 a.m.6 views

The vulnerability in the web interface for managing microprogrammed software in Cisco SPA100 Series IP phones allows a perpetrator to execute arbitrary code with elevated privileges.

The vulnerability in the web interface for managing Microprogramming software in Cisco SPA100 Series IP phones is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with elevated privileges using a...

8CVSS6.4AI score0.00578EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/10/24 12:0 a.m.7 views

The vulnerability in the web interface for managing microprogrammed software in Cisco SPA100 Series IP phones allows a perpetrator to execute arbitrary code with elevated privileges.

The vulnerability in the web interface for managing Microprogramming-based IP phones of the Cisco SPA100 Series is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with elevated privileges using a...

8CVSS6.4AI score0.00578EPSS
Exploits0References2Affected Software2
Tenable Nessus
Tenable Nessus
added 2019/10/17 12:0 a.m.11 views

Cisco SPA ATA Web Interface Detection

Binary data ciscospawebdetection.nbin...

7.3AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/10/17 12:0 a.m.11 views

Cisco SPA ATA SIP Detection

Binary data ciscospasipdetection.nbin...

7.3AI score
Exploits0References2
CNVD
CNVD
added 2019/10/17 12:0 a.m.4 views

Cisco SPA100 Information Leakage Vulnerability

The Cisco SPA100 Series is an analog phone adapter from Cisco that allows your standard analog phone to access Internet telephony services through an RJ-11 phone port. A management credential information leakage vulnerability exists in the web-based management interface of Cisco SPA100 Series 1.4...

6.5CVSS6.9AI score0.01088EPSS
Exploits0References1
OSV
OSV
added 2017/10/19 8:29 a.m.4 views

CVE-2017-12271

A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery CSRF protection. An attacker could exploit this vulnerability by tricking...

8.8CVSS5.8AI score0.00982EPSS
Exploits0References3
OSV
OSV
added 2017/10/19 8:29 a.m.5 views

CVE-2017-12260

A vulnerability in the implementation of Session Initiation Protocol SIP functionality in Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service DoS...

7.5CVSS5.8AI score0.02297EPSS
Exploits0References3
CNVD
CNVD
added 2017/10/19 12:0 a.m.6 views

Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones Denial of Service Vulnerability

The Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones are IP telephony products from Cisco USA. A denial of service vulnerability exists in the implementation of the Session Initiation Protocol SIP feature in the Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones, whi...

7.5CVSS7.5AI score0.02297EPSS
Exploits0References1
OSV
OSV
added 2017/09/21 5:29 a.m.3 views

CVE-2017-12219

A vulnerability in the handling of IP fragments for the Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service DoS condition. The vulnerability is due to the...

7.5CVSS5.8AI score0.02662EPSS
Exploits0References3
OSV
OSV
added 2016/09/12 1:59 a.m.5 views

CVE-2016-1469

The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service device outage via a series of malformed HTTP requests, aka Bug ID CSCut67385...

7.5CVSS5.8AI score0.03045EPSS
Exploits0References3
Prion
Prion
added 2012/06/13 8:55 p.m.19 views

Cross site scripting

Cross-site scripting XSS vulnerability in the SIP implementation on the Cisco SPA8000 and SPA8800 before 6.1.11, SPA2102 and SPA3102 before 5.2.13, and SPA 500 series IP phones before 7.4.9 allows remote attackers to inject arbitrary web script or HTML via the FROM field of an INVITE message, aka...

4.3CVSS6.2AI score0.00943EPSS
Exploits0References1Affected Software5
Rows per page
Query Builder