Cisco

Ip Phone 8861 Firmware

20 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-20079

  • EPSS 8.61%
  • Published 03.03.2023 16:15:10
  • Last modified 21.11.2024 07:40:30

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnera...

9.8

CVE-2023-20078

  • EPSS 10.83%
  • Published 03.03.2023 16:15:10
  • Last modified 21.11.2024 07:40:30

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnera...

6.5

CVE-2023-20018

  • EPSS 0.08%
  • Published 20.01.2023 07:15:13
  • Last modified 21.11.2024 07:40:21

A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device. This vulnerability is due to insufficient validatio...

8.8

CVE-2022-20968

  • EPSS 3.9%
  • Published 12.12.2022 09:15:12
  • Last modified 21.11.2024 06:43:56

A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device. This vulnerability is due to insu...

8.1

CVE-2022-20774

  • EPSS 0.25%
  • Published 06.04.2022 19:15:08
  • Last modified 21.11.2024 06:43:31

A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of th...

4.6

CVE-2022-20660

Exploit
  • EPSS 0.07%
  • Published 14.01.2022 05:15:11
  • Last modified 21.11.2024 06:43:15

A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of...

5.5

CVE-2021-34711

  • EPSS 0.07%
  • Published 06.10.2021 20:15:09
  • Last modified 21.11.2024 06:11:01

A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerab...

6.8

CVE-2021-33478

  • EPSS 0.13%
  • Published 22.07.2021 17:15:09
  • Last modified 21.11.2024 06:08:54

The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. This,...

6.5

CVE-2020-26140

  • EPSS 0.43%
  • Published 11.05.2021 20:15:08
  • Last modified 21.11.2024 05:19:20

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent...

6.5

CVE-2020-26141

  • EPSS 0.32%
  • Published 11.05.2021 20:15:08
  • Last modified 21.11.2024 05:19:20

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt ...