20 matches found
CVE-2025-20350
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to a buffer overflow...
CVE-2025-20350
CVE-2025-20350 affects Cisco Desk Phone 9800 Series, Cisco IP Phone 7800/8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software. The issue is a stack/heap buffer overflow when the device processes HTTP input in the web UI, leading to a DoS where the device reloads. Exploitation requir...
EUVD-2015-8139
Malware in sbrugna...
CVE-2025-20336
A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability exists because the product expose...
Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping
Multiple security vulnerabilities have been disclosed in AudioCodes desk phones and Zoom's Zero Touch Provisioning ZTP that could be potentially exploited by a malicious attacker to conduct remote attacks. "An external attacker who leverages the vulnerabilities discovered in AudioCodes Ltd.'s des...
CVE-2023-22955
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is...
CVE-2023-22955
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is...
CVE-2023-22956
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker is able to decrypt encrypted configuration files and retrieve sensitive information...
Hardcoded credentials
An issue was discovered in libacdes3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root passwor...
Design/Logic Flaw
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is...
CVE-2023-22957
An issue was discovered in libacdes3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root passwor...
CVE-2023-22956
CVE-2023-22956 – AudioCodes VoIP desk phones are affected up to firmware 3.4.4.1000. The root cause is the use of a hard-coded cryptographic key, enabling an attacker to decrypt encrypted configuration files and retrieve sensitive information. Evidence from multiple sources confirms the issue and...
CVE-2023-22956
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker is able to decrypt encrypted configuration files and retrieve sensitive information...
AudioCodes VoIP Trust Management Issues Vulnerability
AudioCodes VoIP is a series of desk phones from the Israeli company AudioCodes. A security vulnerability exists in AudioCodes VoIP desk phones version 3.4.4.1000 and earlier versions, which stems from the use of hard-coded keys in libacdes3.so...
CVE-2023-22957
An issue was discovered in libacdes3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root passwor...
CVE-2023-22955
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is...
PT-2023-18796 · Audiocodes · Audiocodes Voip Desk Phones
Name of the Vulnerable Software and Affected Versions: AudioCodes VoIP desk phones versions through 3.4.4.1000 Description: An issue was discovered where the validation of firmware images only consists of simple checksum checks for different firmware components. This allows an attacker, by knowin...
CVE-2023-22957
The CVE-2023-22957 issue affects AudioCodes VoIP desk phones (libac_des3.so) through firmware up to 3.4.4.1000. The root cause is a hard-coded cryptographic key, enabling an attacker with access to backups or configuration files to decrypt encrypted values and retrieve sensitive information (e.g....
CVE-2023-22955
AudioCodes VoIP desk phones up to version 3.4.4.1000 are affected. The vulnerability stems from firmware-image validation that uses only simple checksums, enabling an attacker who can influence the flasher tool to inject malicious firmware. Root cause: insufficient validation allowing firmware ta...
Cisco Flaws Put Millions of Workplace Devices at Risk
Five vulnerabilities in Cisco Discovery Protocol make it possible for a hacker to take over desk phones, routers, and more...