5 matches found
EUVD-2016-2568
Malware in sbrugna...
The vulnerability of the web interface of the microprogramming software for Cisco Small Business SPA300 and SPA500 allows a perpetrator to execute arbitrary commands in the basic operating system.
The vulnerability of the web interface of Cisco Small Business SPA300 and SPA500 microprogramming software lies in the copying of input data into memory without checking its size. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary commands on the basic...
Cisco SPA300 and SPA500 Series IP Phones Cross-Site Request Forgery Vulnerability
The Cisco SPA300 and SPA500 Series IP Phones are both IP phone products from Cisco USA. A cross-site request forgery vulnerability exists in the Cisco SPA300 and SPA500 Series IP Phones that stems from a lack of cross-site request forgery protection in the program. A remote attacker could exploit...
Cross site request forgery (csrf)
A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery CSRF protection. An attacker could exploit this vulnerability by tricking...
PT-2017-12446 · Cisco · Cisco Spa500 Series Ip Phones +1
Name of the Vulnerable Software and Affected Versions: Cisco SPA300 and SPA500 Series IP Phones affected versions not specified Description: A lack of cross-site request forgery CSRF protection in the Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to...