Lucene search
K
CiscoIp Phone 8800 Firmware

9 matches found

CVE
CVE
added 2023/01/19 1:35 a.m.146 views

CVE-2023-20018

CVE-2023-20018 affects Cisco IP Phone 7800 and 8800 Series through the web-based management interface. The issue is an authentication bypass caused by insufficient validation of user-supplied input, enabling an unauthenticated, remote attacker to access parts of the web interface that normally re...

8.6CVSS6.6AI score0.00613EPSS
CVE
CVE
added 2019/03/22 8:5 p.m.69 views

CVE-2019-1716

CVE-2019-1716 affects Cisco IP Phone 7800 Series and 8800 Series via the web-based SIP management interface. An unauthenticated attacker can leverage improper input validation during user authentication over HTTP to trigger a device reload (DoS) or execute arbitrary code with the app user’s privi...

9.8CVSS9.2AI score0.0311EPSS
CVE
CVE
added 2019/03/22 8:5 p.m.62 views

CVE-2019-1766

CVE-2019-1766 affects Cisco IP Phone 8800 Series SIP Software prior to 12.5(1)SR1. The issue is a denial-of-service via file uploads: the web-based management interface does not restrict the maximum size of certain files written to disk, allowing an unauthenticated attacker with valid admin crede...

7.5CVSS7.5AI score0.01527EPSS
CVE
CVE
added 2019/03/22 8:5 p.m.60 views

CVE-2019-1763

Summary: CVE-2019-1763 is a Cisco IP Phone 8800 Series authorization bypass vulnerability in the SIP web-based management interface, caused by improper URL sanitization. An unauthenticated, remote attacker could bypass authorization, access critical services, and cause a DoS. Affected are IP Phon...

7.5CVSS7.7AI score0.01939EPSS
CVE
CVE
added 2019/03/22 8:5 p.m.59 views

CVE-2019-1765

CVE-2019-1765 affects Cisco IP Phone 8800 Series SIP Software. The web-based management interface vulnerability arises from insufficient input validation and file-level permissions, allowing an authenticated, remote attacker to upload invalid files and write files to arbitrary locations on the de...

8.1CVSS7.1AI score0.01391EPSS
CVE
CVE
added 2021/07/22 4:53 p.m.52 views

CVE-2021-33478

The CVE-2021-33478 issue concerns the TrustZone implementation in Broadcom MediaxChange firmware, affecting Cisco IP Phone and Wireless IP Phone devices. The vulnerability allows an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone TEE, with explo...

6.8CVSS7AI score0.00304EPSS
CVE
CVE
added 2019/03/22 8:5 p.m.51 views

CVE-2019-1764

CVE-2019-1764 affects Cisco IP Phone 8800 Series SIP Software with insufficient CSRF protections in the web-based management interface. An unauthenticated attacker can induce an authenticated user to follow a crafted link, enabling arbitrary actions on the device via a browser with the user’s pri...

8.8CVSS8.4AI score0.00698EPSS
CVE
CVE
added 2018/05/17 3:0 a.m.49 views

CVE-2018-0325

CVE-2018-0325 affects Cisco IP Phone 7800/8800 series (and 8821) via vulnerable SIP call handling. The SDP parser’s incomplete input validation enables an unauthenticated remote attacker to drop all active calls and restart the SIP process, causing a DoS. Root cause: SDP parameter validation flaw...

7.5CVSS7.6AI score0.03381EPSS
CVE
CVE
added 2019/02/21 8:0 p.m.46 views

CVE-2019-1684

CVE-2019-1684 affects Cisco IP Phone 7800 and 8800 Series. The issue arises from missing length validation in the Cisco Discovery Protocol (CDP) / Link Layer Discovery Protocol (LLDP) header fields, allowing an unauthenticated, adjacent attacker to cause an affected phone to reload and experience...

6.5CVSS6.4AI score0.0064EPSS