2 matches found
The vulnerability in the web interface for managing microprogrammed IP phones from Cisco Small Business SPA300 and SPA500 allows a hacker to trigger a service failure.
The vulnerability in the web interface for managing Microprogramming software in Cisco Small Business SPA300 and SPA500 phones is related to the copying of input data into the buffer without checking its size. Exploiting this vulnerability can allow an attacker, operating remotely, to cause servi...
CVE-2017-12271
A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery CSRF protection. An attacker could exploit this vulnerability by tricking...