8 matches found
CVE-2024-58314 Atcom 2.7.x.x Authenticated Command Injection via Web Configuration CGI
Atcom 100M IP Phones firmware version 2.7.x.x contains an authenticated command injection vulnerability in the web configuration CGI script that allows attackers to execute arbitrary system commands. Attackers can inject shell commands through the 'cmd' parameter in webcgimain.cgi, enabling remot...
The vulnerability in the web interface of the microprogramming software for Cisco IP Phones 6800, 7800, 8800, and Cisco Video Phone 8875 allows attackers to perform cross-site scripting attacks.
The vulnerability of the web interface of Microprogramming Software for Cisco IP Phones such as Cisco IP Phone 6800, Cisco IP Phone 7800, Cisco IP Phone 8800, and Cisco Video Phone 8875 is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a...
Zultys MX Series Security Vulnerability
Zultys MX Series is a series of IP phones from Zultys Corporation in the United States. A security vulnerability exists in Zultys MX Series that originates from an operating system command injection attack that allows a remote, authenticated user to execute the attack...
The vulnerability of the Cisco Discovery protocol processing function in the microprogramming software of Cisco IP Phones 7800 and 8800 allows a attacker to execute arbitrary code or cause a service failure.
The vulnerability of the Cisco Discovery protocol processing function in the microprogramming software of Cisco IP Phones 7800 and 8800 is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause service failures by...
The vulnerability of the implementations of the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) in Cisco IP telephones allows a perpetrator to trigger a system reboot and a service failure.
The vulnerability of the Cisco Discovery Protocol and Link Layer Discovery Protocol LLDP implementations in IP-telephone microprogramming systems is related to buffer overflow vulnerabilities. Exploiting this vulnerability can allow an attacker to trigger a device reboot and a service failure...
Cisco Small Business SPA51x Series IP Phones Denial of Service Vulnerability
Cisco Small Business SPA51x Series IP Phones is an SPA51x series of IP phones for small and medium-sized businesses from Cisco. A denial of service vulnerability exists in the implementation of the Session Initiation Protocol SIP feature in Cisco Small Business SPA51x Series IP Phones, which stem...
Cisco Unified IP Phones 9900 Series Arbitrary File Upload Vulnerability
Cisco Unified IP Phone 9900 is a 9900 series IP phone terminal equipment from Cisco USA. The device provides voice, video, and other features. An arbitrary file upload vulnerability exists in the Cisco Unified IP Phones 9900 Series, which could be exploited by an attacker to upload arbitrary file...
CVE-2011-1637
Cisco Unified IP Phones 7900 devices aka TNP phones with software before 9.2.1 do not properly verify signatures for software images, which allows local users to gain privileges via a crafted image, aka Bug ID CSCtn65962...