2 matches found
Cisco Small Business SPA300 and SPA500 Series IP Phones Unauthenticated Remote Dial (CVE-2015-0670)
The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which allows remote attackers to read audio-stream data or originate telephone calls via a crafted XML request, aka Bug ID CSCuo52482. This plugin only works with...
CVE-2015-0670
Cisco Small Business SPA300 and SPA500 IP phones running firmware version 7.5.5 are affected by CVE-2015-0670 due to improper authentication in the default configuration. A crafted XML request can allow an unauthenticated remote attacker to read audio-stream data or originate telephone calls. The...