60 matches found
CVE-2025-20158
A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials with SSH access ...
Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure (cisco-sa-phone-info-disc-YyxsWStK)
According to its self-reported version, Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure is affected by a vulnerability. - A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access...
CVE-2025-20158
A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials with SSH access ...
CVE-2025-20158
A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials with SSH access ...
CVE-2025-20158 Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure Vulnerability
A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials with SSH access ...
Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure Vulnerability
A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials with SSH access ...
PT-2025-7536 · Cisco · Cisco Desk Phone 9800 Series +1
Name of the Vulnerable Software and Affected Versions: Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series affected versions not specified Description: A vulnerability in the debug shell of the affected devices could allow an authenticated, local attacker to access sensitive information on th...
PT-2025-25573 · Google · Chrome Os
Name of the Vulnerable Software and Affected Versions: Google ChromeOS versions 16063.45.2 and potentially others Description: The issue allows a local attacker to gain root code execution via exploiting a debug shell accessible through specific key combinations during developer mode entry and...
CVE-2023-5165
Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and...
Design/Logic Flaw
Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation ECI restrictions via the debug shell which remains accessible for a short time window after launching Docker Desktop. The affected functionality is available for Docker Business customers only and...
PT-2023-5446 · Docker · Docker Desktop
Name of the Vulnerable Software and Affected Versions: Docker Desktop versions 4.13.0 through 4.22.x Description: The issue is related to insufficient authorization procedures in Docker Desktop, allowing an unprivileged user to bypass Enhanced Container Isolation ECI restrictions. This can be...
K61918302: ceph-isci-cli vulnerability CVE-2018-14649
Security Advisory Description It was found that ceph-isci-cli package as shipped by Red Hat Ceph Storage 2 and 3 is using python-werkzeug in debug shell mode. This is done by setting debug=True in file /usr/bin/rbd-target-api provided by ceph-isci-cli package. This allows unauthenticated attacker...
CVE-2021-45033
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C All versions V16.20, CP-8000 MASTER MODULE WITH I/O -40/+70°C All versions V16.20, CP-8021 MASTER MODULE All versions V16.20, CP-8022 MASTER MODULE WITH GPRS All versions V16.20. An undocumented debug port uses...
Hardcoded credentials
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C All versions V16.20, CP-8000 MASTER MODULE WITH I/O -40/+70°C All versions V16.20, CP-8021 MASTER MODULE All versions V16.20, CP-8022 MASTER MODULE WITH GPRS All versions V16.20. An undocumented debug port uses...
CVE-2021-34711
A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted input to a debug she...
CVE-2021-34711
CVE-2021-34711 affects Cisco IP Phone software. A vulnerability in the debug shell allows an authenticated, local attacker to read arbitrary files on the device filesystem due to insufficient input validation. The issue is triggered by crafted input to a debug shell command. The impact is read ac...
CVE-2021-34711 Cisco IP Phone Software Arbitrary File Read Vulnerability
A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted input to a debug she...
Cisco IP Phone Software Arbitrary File Read Vulnerability
A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted input to a debug she...
Cisco IP Phone 路径遍历漏洞
Cisco IP Phone is a hardware device from the American company Cisco Cisco. IP Phone that provides calling capabilities. A path traversal vulnerability exists in Cisco IP Phone that stems from insufficient input validation. An attacker can exploit this vulnerability by providing crafted input to...
Arbitrary Command Execution
ceph-iscsi-cli is vulnerable to arbitrary command execution attacks. The vulnerability exists as it was found that ceph-isci-cli package as shipped by Red Hat Ceph Storage 2 and 3 is using python-werkzeug in debug shell mode. This is done by setting debug=True in file /usr/bin/rbd-target-api...