2 matches found
Cisco Small Business SPA300 and SPA500 Series IP Phones Local Code Execution (CVE-2014-3312)
The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory or a filesystem, via direct access to this interface, aka Bug ID CSCun77435...
CVE-2014-3312
Cisco Small Business SPA300 and SPA500 Series IP Phones are affected by CVE-2014-3312 due to an insufficiently authenticated debug console interface. The vulnerability allows a local attacker to execute arbitrary commands on the debug shell and read/modify data in memory or on the filesystem via ...