CVE-2015-0670
- EPSS 0.53%
- Veröffentlicht 21.03.2015 01:59:01
- Zuletzt bearbeitet 12.04.2025 10:46:40
The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which allows remote attackers to read audio-stream data or originate telephone calls via a crafted XML request, aka ...
CVE-2014-3312
- EPSS 0.05%
- Veröffentlicht 09.07.2014 11:07:01
- Zuletzt bearbeitet 12.04.2025 10:46:40
The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory or a filesystem, via direct ac...
CVE-2014-3313
- EPSS 0.5%
- Veröffentlicht 09.07.2014 11:07:01
- Zuletzt bearbeitet 12.04.2025 10:46:40
Cross-site scripting (XSS) vulnerability in the web user interface on Cisco Small Business SPA300 and SPA500 phones allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuo52582.
CVE-2011-2545
- EPSS 0.26%
- Veröffentlicht 13.06.2012 20:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
Cross-site scripting (XSS) vulnerability in the SIP implementation on the Cisco SPA8000 and SPA8800 before 6.1.11, SPA2102 and SPA3102 before 5.2.13, and SPA 500 series IP phones before 7.4.9 allows remote attackers to inject arbitrary web script or ...