Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco spa525g firmware - vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-20181
A vulnerability in the web-based management interface of Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote malicious user to conduct XSS attacks. This vulnerability is due to insufficient validation of user-supplied input by the web-based managem...
Cisco Spa500ds Firmware -
Cisco Spa500s Firmware -
Cisco Spa501g Firmware -
Cisco Spa502g Firmware -
Cisco Spa504g Firmware -
Cisco Spa508g Firmware -
Cisco Spa509g Firmware -
Cisco Spa512g Firmware -
Cisco Spa514g Firmware -
Cisco Spa525 Firmware -
Cisco Spa525g Firmware -
Cisco Spa525g2 Firmware -
6.1
CVSSv3
CVE-2023-20218
A vulnerability in web-based management interface of Cisco SPA500 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote malicious user to to modify a web page in the context of a user's browser. This vulnerability is due to insufficient validation of u...
Cisco Spa500ds Firmware -
Cisco Spa500s Firmware -
Cisco Spa501g Firmware -
Cisco Spa502g Firmware -
Cisco Spa504g Firmware -
Cisco Spa508g Firmware -
Cisco Spa509g Firmware -
Cisco Spa512g Firmware -
Cisco Spa514g Firmware -
Cisco Spa525 Firmware -
Cisco Spa525g Firmware -
Cisco Spa525g2 Firmware -
NA
CVE-2021-1379
Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP phone. These v...
7.4
CVSSv3
CVE-2019-1683
A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote malicious user to listen to or control some aspects of a Transport Level Security (TLS)-encrypted Session Initiation Protocol (SIP...
Cisco Spa112 Firmware 1.4.2
Cisco Spa525 Firmware 7.6.2
Cisco Spa5x5 Firmware 7.6.2
Cisco Spa500 Firmware 1.4.2
Cisco Spa500s Firmware 1.4.2
Cisco Spa500ds Firmware 1.4.2
Cisco Spa501g Firmware 1.4.2
Cisco Spa502g Firmware 1.4.2
Cisco Spa504g Firmware 1.4.2
Cisco Spa508g Firmware 1.4.2
Cisco Spa509g Firmware 1.4.2
Cisco Spa512g Firmware 1.4.2
Cisco Spa514g Firmware 1.4.2
Cisco Spa525g Firmware 1.4.2
NA
CVE-2015-1788
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL prior to 0.9.8s, 1.0.0 prior to 1.0.0e, 1.0.1 prior to 1.0.1n, and 1.0.2 prior to 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows re...
Openssl Openssl
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.1
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
1 Article
NA
CVE-2015-0209
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL prior to 0.9.8zf, 1.0.0 prior to 1.0.0r, 1.0.1 prior to 1.0.1m, and 1.0.2 prior to 1.0.2a might allow remote malicious users to cause a denial of service (memory corruption and applica...
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.0k
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1e
NA
CVE-2012-0333
Cisco Small Business IP phones with SPA 500 series firmware 7.4.9 and previous versions do not require authentication for Push XML requests, which allows remote malicious users to make telephone calls via an XML document, aka Bug ID CSCts08768.
Cisco Small Business Ip Phone Firmware
Cisco Small Business Ip Phone Firmware 7.1.7
Cisco Small Business Ip Phone Firmware 7.2.5
Cisco Small Business Ip Phone Firmware 7.3.5
Cisco Small Business Ip Phone Firmware 7.4.3
Cisco Small Business Ip Phone Firmware 7.4.4
Cisco Small Business Ip Phone Firmware 7.4.5
Cisco Small Business Ip Phone Firmware 7.4.6
Cisco Small Business Ip Phone Firmware 7.4.7
Cisco Small Business Ip Phone Firmware 7.4.8
Cisco Small Business Ip Phone Spa525g
Cisco Small Business Ip Phone Spa525g2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started