3 matches found
CVE-2019-15959
A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker could exploit...
CVE-2019-15959
The Cisco Small Business SPA500 Series IP Phones vulnerability (CVE-2019-15959) concerns local script execution via the device’s USB interface due to preinstalled development/testing scripts. A physically proximate attacker could insert a USB storage device to run scripts with elevated privileges...
Cisco Small Business SPA500 Series IP Phones CVE-2019-15959 Local Command Injection Vulnerability
Description Cisco Small Business SPA500 Series IP Phones are prone to a local command-injection vulnerability. Local attackers can exploit this issue to execute arbitrary commands on the device in an elevated security context. This issue is being tracked by Cisco Bug ID CSCvp40755. Cisco Small...