CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

29 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2019-10513

Malware in sbrugna...

4.8CVSS5.1AI score0.0017EPSS

Exploits0References2

Circl•added 2024/12/17 6:41 a.m.•2 views

CISCO-SA-20190807-SPA112

creationtimestamp| type| source ---|---|--- 2024-12-17 06:41:52+00:00| seen| https://social.circl.lu/users/vulnerabilitylookup/statuses/113666794694478137...

7.2AI score

Exploits0References1

GithubExploit•added 2023/05/17 8:59 a.m.•14 views

Exploit for Missing Authentication for Critical Function in Cisco Spa112_Firmware

RancidCrisco Minimum Viable PoC for CVE-2023-20126 This is th...

9.8CVSS7.4AI score0.69926EPSS

Exploits1

The Hacker News•added 2023/05/05 5:16 a.m.•35 views

Cisco Warns of Vulnerability in Popular Phone Adapter, Urges Migration to Newer Model

Cisco has warned of a critical security flaw in SPA112 2-Port Phone Adapters that it said could be exploited by a remote attacker to execute arbitrary code on affected devices. The issue, tracked as CVE-2023-20126, is rated 9.8 out of a maximum of 10 on the CVSS scoring system. The company credit...

8AI score0.69926EPSS

Exploits1

OSV•added 2023/05/04 8:15 p.m.•2 views

CVE-2023-20126

A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An...

9.8CVSS7.9AI score0.69926EPSS

Exploits1References1

Prion•added 2023/05/04 8:15 p.m.•14 views

Authentication flaw

7.5CVSS9.6AI score0.69926EPSS

Exploits1References1Affected Software1

CNNVD•added 2023/05/04 12:0 a.m.•1 views

Cisco SPA112 2-Port Phone Adapter 访问控制错误漏洞

The Cisco SPA112 2-Port Phone Adapter is a phone adapter from Cisco USA. A security vulnerability exists in the Cisco SPA112 2-Port Phone Adapters, which stems from the lack of an authentication process in the firmware upgrade feature, and could allow an attacker to execute arbitrary code with fu...

9.8CVSS9.1AI score0.69926EPSS

Exploits1References3

CVE•added 2023/05/04 12:0 a.m.•56 views

CVE-2023-20126

Cisco SPA112 (2-Port) has a remote command execution vulnerability (CVE-2023-20126) due to a missing authentication step in the firmware upgrade flow. An unauthenticated attacker can upgrade to crafted firmware to run arbitrary code with full privileges. A PoC exists (RancidCrisco) that gains a r...

9.8CVSS9.8AI score0.69926EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2023/05/04 12:0 a.m.•8 views

CVE-2023-20126 Cisco SPA112 2-Port Phone Adapters Remote Command Execution Vulnerability

9.8CVSS8.3AI score0.69926EPSS

Exploits1References1

Cvelist•added 2023/05/04 12:0 a.m.•14 views

CVE-2023-20126 Cisco SPA112 2-Port Phone Adapters Remote Command Execution Vulnerability

9.8CVSS9.9AI score0.69926EPSS

Exploits1References1

ATTACKERKB•added 2023/05/03 11:0 p.m.•0 views

CVE-2023-20126

9.8CVSS7.7AI score0.69926EPSS

Exploits1References2

Cisco•added 2023/05/03 4:0 p.m.•24 views

Cisco SPA112 2-Port Phone Adapters Remote Command Execution Vulnerability

9.8CVSS9.8AI score0.69926EPSS

Exploits1References1

Positive Technologies•added 2023/05/03 12:0 a.m.•4 views

PT-2023-2522 · Cisco · Cisco Ata 190 +1

Name of the Vulnerable Software and Affected Versions: Cisco SPA112 versions affected versions not specified Description: A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an...

9.8CVSS9.6AI score0.69926EPSS

Exploits1References16

Symantec•added 2019/10/16 12:0 a.m.•15 views

Cisco SPA100 Series Analog Telephone Adapter Multiple Arbitrary Code Execution Vulnerabilities

Description Cisco SPA100 Series Analog Telephone Adapter is prone to multiple arbitrary code-execution vulnerabilities. Successfully exploiting these issues will allow attackers to execute arbitrary code with elevated privileges. These issues are being tracked by Cisco Bug ID CSCvq50494...

0.6AI score

Exploits0References1Affected Software2

OSV•added 2019/08/08 8:15 a.m.•1 views

CVE-2019-1956

A vulnerability in the web-based interface of the Cisco SPA112 2-Port Phone Adapter could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against another user of the device. The vulnerability is due to insufficient validation of user-supplied input by the...

4.8CVSS6AI score

Exploits0References1

NVD•added 2019/08/08 8:15 a.m.•7 views

CVE-2019-1956

4.8CVSS5AI score0.0017EPSS

Exploits0References1

Prion•added 2019/08/08 8:15 a.m.•18 views

Cross site scripting

3.5CVSS5AI score0.0017EPSS

Exploits0References1Affected Software1

CVE•added 2019/08/08 7:30 a.m.•55 views

CVE-2019-1956

Cisco SPA112 2-Port Phone Adapter has a stored XSS vulnerability in its web-based configuration interface caused by insufficient validation of user input. An authenticated, remote attacker could inject malicious script via a configuration field, potentially executing in the context of the affecte...

4.8CVSS5AI score0.0017EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2019/08/08 7:30 a.m.•7 views

CVE-2019-1956 Cisco SPA112 2-Port Phone Adapter Stored Cross-Site Scripting Vulnerability

4.8CVSS6AI score0.0017EPSS

Exploits0References1

Cvelist•added 2019/08/08 7:30 a.m.•11 views

CVE-2019-1956 Cisco SPA112 2-Port Phone Adapter Stored Cross-Site Scripting Vulnerability

4.8CVSS5AI score0.0017EPSS

Exploits0References1

Rows per page