Lucene search
K
CiscoIp Phone 6871 Firmware

5 matches found

CVE
CVE
added 2023/03/03 12:0 a.m.225 views

CVE-2023-20078

Cisco IP Phones (6800, 7800, 7900, 8800 series) web-based management interface contains multiple vulnerabilities due to insufficient input validation that can allow an unauthenticated attacker to execute arbitrary code (CVE-2023-20078) or cause a DoS (CVE-2023-20079). Cisco cites a command-inject...

9.8CVSS9.9AI score0.10351EPSS
CVE
CVE
added 2023/03/03 12:0 a.m.165 views

CVE-2023-20079

CVE-2023-20079 affects Cisco IP Phones (6800/7800/7900/8800 series) via the web-based management interface. The root cause is insufficient validation of user-supplied input in the web UI, enabling an unauthenticated, remote attacker to trigger a denial-of-service condition (DoS). Public details i...

9.8CVSS9.2AI score0.10314EPSS
CVE
CVE
added 2020/01/26 4:45 a.m.144 views

CVE-2019-16008

Cisco IP Phone 6800/7800/8800 Series with Multiplatform Firmware expose a cross-site scripting (XSS) vulnerability in the web‑based GUI due to insufficient input validation. An authenticated, remote attacker could entice a user to click a crafted link, allowing arbitrary script execution or acces...

5.4CVSS5.2AI score0.00633EPSS
CVE
CVE
added 2020/02/05 5:40 p.m.117 views

CVE-2020-3111

CVE-2020-3111 is a Cisco CDP vulnerability in Cisco IP Phones that allows an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload (DoS) by sending crafted CDP packets. Root cause: missing checks when processing CDP messages in the Layer 2 CDP implemen...

8.8CVSS8.6AI score0.03095EPSS
CVE
CVE
added 2022/04/06 6:12 p.m.96 views

CVE-2022-20774

CVE-2022-20774 affects Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware. The issue is an insufficient CSRF protection in the web-based management interface, enabling an unauthenticated attacker to induce a logged-in user to perform actions via a crafted link. Successful expl...

8.1CVSS7.4AI score0.00383EPSS