Lucene search
K
CiscoIp Phone 8832 Firmware

12 matches found

CVE
CVE
added 2021/05/11 12:0 a.m.663 views

CVE-2020-24587

CVE-2020-24587 is referenced in the Amazon Linux 2 kernel advisory for Kernel-5.10-2022-002. The connected document confirms a flaw in the Linux kernel 802.11 wifi fragmentation handling where fragments encrypted under different keys can be reassembled and decrypted, enabling an attacker within w...

2.6CVSS6.2AI score0.02592EPSS
In wild
CVE
CVE
added 2021/05/11 12:0 a.m.617 views

CVE-2020-24588

The CVE-2020-24588 entry relates to the 802.11 Wi‑Fi fragmentation/ A‑MSDU handling issue where the plaintext QoS header flag isn’t authenticated, enabling an attacker to inject packets by sending non‑SSP A‑MSDU frames (FragAttacks). Connected Astra Linux advisories describe this as a variant of ...

3.5CVSS6.4AI score0.03537EPSS
CVE
CVE
added 2021/05/11 7:37 p.m.392 views

CVE-2020-26139

CVE-2020-26139 affects NetBSD 7.1 kernel as described in connected documents. An Access Point forwards EAPOL frames to other clients before the sender has successfully authenticated, which may enable denial-of-service attacks against connected clients in Wi‑Fi networks and could facilitate exploi...

5.3CVSS6.5AI score0.06487EPSS
CVE
CVE
added 2021/05/11 7:34 p.m.335 views

CVE-2020-26140

The CVE-2020-26140 entry is covered in ARISTA Security Advisory 0063, which groups it under the FragAttacks fragmentation/aggregation vulnerabilities. The advisory states that plaintext data frames are accepted on encrypted networks, enabling packet injection. Fixes are provided as platform-speci...

6.5CVSS6.7AI score0.02923EPSS
CVE
CVE
added 2023/03/03 12:0 a.m.225 views

CVE-2023-20078

Cisco IP Phones (6800, 7800, 7900, 8800 series) web-based management interface contains multiple vulnerabilities due to insufficient input validation that can allow an unauthenticated attacker to execute arbitrary code (CVE-2023-20078) or cause a DoS (CVE-2023-20079). Cisco cites a command-inject...

9.8CVSS9.9AI score0.10351EPSS
CVE
CVE
added 2023/03/03 12:0 a.m.167 views

CVE-2023-20079

CVE-2023-20079 affects Cisco IP Phones (6800/7800/7900/8800 series) via the web-based management interface. The root cause is insufficient validation of user-supplied input in the web UI, enabling an unauthenticated, remote attacker to trigger a denial-of-service condition (DoS). Public details i...

9.8CVSS9.2AI score0.10314EPSS
CVE
CVE
added 2023/01/19 1:35 a.m.146 views

CVE-2023-20018

CVE-2023-20018 affects Cisco IP Phone 7800 and 8800 Series through the web-based management interface. The issue is an authentication bypass caused by insufficient validation of user-supplied input, enabling an unauthenticated, remote attacker to access parts of the web interface that normally re...

8.6CVSS6.6AI score0.00613EPSS
CVE
CVE
added 2020/01/26 4:45 a.m.145 views

CVE-2019-16008

Cisco IP Phone 6800/7800/8800 Series with Multiplatform Firmware expose a cross-site scripting (XSS) vulnerability in the web‑based GUI due to insufficient input validation. An authenticated, remote attacker could entice a user to click a crafted link, allowing arbitrary script execution or acces...

5.4CVSS5.2AI score0.00633EPSS
CVE
CVE
added 2022/12/08 4:13 p.m.136 views

CVE-2022-20968

Affected product/versions: Cisco IP Phone 7800 and 8800 Series firmware (prior to 14.2(1)). Vulnerability: Cisco Discovery Protocol (CDP) processing feature accepts crafted CDP packets due to insufficient input validation, enabling an unauthenticated, adjacent attacker to trigger a stack overflow...

8.8CVSS8.9AI score0.06099EPSS
CVE
CVE
added 2022/04/06 6:12 p.m.96 views

CVE-2022-20774

CVE-2022-20774 affects Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware. The issue is an insufficient CSRF protection in the web-based management interface, enabling an unauthenticated attacker to induce a logged-in user to perform actions via a crafted link. Successful expl...

8.1CVSS7.4AI score0.00383EPSS
CVE
CVE
added 2025/10/15 4:15 p.m.18 views

CVE-2025-20350

CVE-2025-20350 affects Cisco Desk Phone 9800 Series, Cisco IP Phone 7800/8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software. The issue is a stack/heap buffer overflow when the device processes HTTP input in the web UI, leading to a DoS where the device reloads. Exploitation requir...

7.5CVSS6.9AI score0.00446EPSS
CVE
CVE
added 2025/10/15 4:15 p.m.18 views

CVE-2025-20351

CVE-2025-20351 affects Cisco Desk Phone 9800 Series, IP Phone 7800/8800 Series, and Video Phone 8875 running Cisco SIP Software. The web UI fails to sufficiently validate user-supplied input, enabling unauthenticated remote XSS when a user is persuaded to click a crafted link. Impact could includ...

6.1CVSS6.4AI score0.00262EPSS