31 matches found
CVE-2024-20533
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting XSS attacks against users. This vulnerabilit...
CVE-2024-20534
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting XSS attacks against users. This vulnerabilit...
CVE-2024-20534 Cisco IP Phone 6800, 7800, 8800, and 9800 Series with Multiplatform Firmware Stored Cross-Site Scripting Vulnerability
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting XSS attacks against users. This vulnerabilit...
CVE-2024-20534 Cisco IP Phone 6800, 7800, 8800, and 9800 Series with Multiplatform Firmware Stored Cross-Site Scripting Vulnerability
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting XSS attacks against users. This vulnerabilit...
CVE-2024-20534
CVE-2024-20534 affects Cisco Desk Phone 9800 Series, Cisco IP Phone 6800/7800/8800 Series, and Cisco Video Phone 8875 with Multiplatform Firmware. The issue is stored cross-site scripting (XSS) in the device web UI caused by improper validation of user-supplied input. An authenticated, remote att...
CVE-2024-20533 Cisco IP Phone 6800, 7800, 8800, and 9800 Series with Multiplatform Firmware Stored Cross-Site Scripting Vulnerabilities
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting XSS attacks against users. This vulnerabilit...
Cisco 6800, 7800, 8800, and 9800 Series Phones with Multiplatform Firmware Stored Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting XSS attacks against users. These...
Cisco IP Phones 6800, 7800, and 8800 Series with Multiplatform Firmware Session Initiation Protocol Denial of Service (CVE-2018-0316)
A vulnerability in the Session Initiation Protocol SIP call-handling functionality of Cisco IP Phone 6800, 7800, and 8800 Series Phones with Multiplatform Firmware could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of...
Cisco IP Phones 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery (CVE-2022-20774)
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack against a user of the web-based interface of an affected system. This...
Cisco IP Phones 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Scripting (CVE-2019-16008)
A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface of an affected system. The vulnerability is due to...
Cisco IP Phones 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery (CVE-2023-20221)
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack against a user of the web-based management interface of an affected...
Cisco IP Phones Web-based Management Interface Stack-based Buffer Overflow (CVE-2023-20079)
Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service DoS condition. For more information about these vulnerabilities, see the Details section of this advisor...
Cisco IP Phones 6800, 7800, and 8800 Series with Multiplatform Firmware Web UI Command Injection (CVE-2018-0341)
A vulnerability in the web-based UI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware before 11.21 could allow an authenticated, remote attacker to perform a command injection and execute commands with the privileges of the web server. The vulnerability is due to...
Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack
Cisco on Wednesday rolled out security updates to address a critical flaw impacting its IP Phone 6800, 7800, 7900, and 8800 Series products. The vulnerability, tracked as CVE-2023-20078, is rated 9.8 out of 10 on the CVSS scoring system and is described as a command injection bug in the web-based...
CVE-2022-20774
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack against a user of the web-based interface of an affected system. This...
CVE-2022-20774
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack against a user of the web-based interface of an affected system. This...
CVE-2022-20774 Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack against a user of the web-based interface of an affected system. This...
CVE-2022-20774 Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack against a user of the web-based interface of an affected system. This...
Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack against a user of the web-based interface of an affected system. This...
CVE-2019-16008
A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface of an affected system. The vulnerability is due to...