3 matches found
CVE-2020-3111
CVE-2020-3111 is a Cisco CDP vulnerability in Cisco IP Phones that allows an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload (DoS) by sending crafted CDP packets. Root cause: missing checks when processing CDP messages in the Layer 2 CDP implemen...
CVE-2021-1379
CVE-2021-1379 affects Cisco IP Phone Series 68xx/78xx/88xx via Cisco Discovery Protocol and LLDP processing. Root cause: missing checks when handling Cisco Discovery Protocol or LLDP packets, allowing an unauthenticated, adjacent attacker (Layer 2) to execute code remotely or cause a reload, resu...
CVE-2023-20221
Cisco IP Phone 6800/7800/8800 Series with Multiplatform Firmware are affected by CVE-2023-20221, a CSRF flaw in the web-based management interface. The issue arises from insufficient CSRF protections, enabling an unauthenticated, remote attacker to lure an authenticated user to follow a crafted l...