Ip Phone 8841 Firmware Security Vulnerabilities and Issues — Ip Phone 8841 Firmware CVE List

Lucene search

CiscoIp Phone 8841 Firmware

15 matches found

CVE•added 2020/04/15 8:15 p.m.•1015 views

CVE-2020-3161

A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HT...

10CVSS9.5AI score0.80825EPSS

CVE•added 2019/07/06 2:15 a.m.•422 views

CVE-2019-1922

A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The vulnerability is due to insufficient validation of input Session Initiation Protocol (...

7.8CVSS6.3AI score0.00783EPSS

CVE•added 2023/03/03 4:15 p.m.•191 views

CVE-2023-20078

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisor...

9.8CVSS9.9AI score0.10825EPSS

CVE•added 2023/03/03 4:15 p.m.•141 views

CVE-2023-20079

9.8CVSS9.2AI score0.08614EPSS

CVE•added 2023/01/20 7:15 a.m.•128 views

CVE-2023-20018

A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit ...

8.6CVSS6.6AI score0.00081EPSS

CVE•added 2020/01/26 5:15 a.m.•127 views

CVE-2019-16008

A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of an affected system. The vulnerability is due to in...

5.4CVSS5.2AI score0.00287EPSS

CVE•added 2022/12/12 9:15 a.m.•118 views

CVE-2022-20968

A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device. This vulnerability is due to insufficient input validation of received Cisco Discover...

8.8CVSS8.9AI score0.03318EPSS

CVE•added 2020/02/05 6:15 p.m.•105 views

CVE-2020-3111

A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery...

8.8CVSS8.6AI score0.00234EPSS

CVE•added 2022/01/14 5:15 a.m.•84 views

CVE-2022-20660

A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device. ...

4.6CVSS4.3AI score0.00071EPSS

CVE•added 2022/04/06 7:15 p.m.•80 views

CVE-2022-20774

A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based interface of an affected system. This...

8.1CVSS7.4AI score0.00252EPSS

CVE•added 2020/11/06 7:15 p.m.•55 views

CVE-2020-3574

A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected calls, or unexpectedly reload. The vulnerability is due to insufficient TCP ingress packet rate limit...

7.8CVSS7.5AI score0.00254EPSS

CVE•added 2019/05/03 3:29 p.m.•47 views

CVE-2019-1635

A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) conditi...

7.8CVSS7.6AI score0.01156EPSS

CVE•added 2021/10/06 8:15 p.m.•41 views

CVE-2021-34711

A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted input to a debug shell...

5.5CVSS5.2AI score0.00067EPSS

CVE•added 2021/07/22 5:15 p.m.•38 views

CVE-2021-33478

The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. This, for example, affects certain Cisco IP Phone and ...

6.8CVSS7AI score0.00133EPSS

CVE•added 2019/02/21 8:29 p.m.•32 views

CVE-2019-1684

A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) co...

6.5CVSS6.4AI score0.00145EPSS