Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco spa500 series ip phones firmware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-20181
A vulnerability in the web-based management interface of Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote malicious user to conduct XSS attacks. This vulnerability is due to insufficient validation of user-supplied input by the web-based managem...
Cisco Spa500ds Firmware -
Cisco Spa500s Firmware -
Cisco Spa501g Firmware -
Cisco Spa502g Firmware -
Cisco Spa504g Firmware -
Cisco Spa508g Firmware -
Cisco Spa509g Firmware -
Cisco Spa512g Firmware -
Cisco Spa514g Firmware -
Cisco Spa525 Firmware -
Cisco Spa525g Firmware -
Cisco Spa525g2 Firmware -
NA
CVE-2023-20218
A vulnerability in web-based management interface of Cisco SPA500 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote malicious user to to modify a web page in the context of a user's browser. This vulnerability is due to insufficient validation of u...
Cisco Spa500ds Firmware -
Cisco Spa500s Firmware -
Cisco Spa501g Firmware -
Cisco Spa502g Firmware -
Cisco Spa504g Firmware -
Cisco Spa508g Firmware -
Cisco Spa509g Firmware -
Cisco Spa512g Firmware -
Cisco Spa514g Firmware -
Cisco Spa525 Firmware -
Cisco Spa525g Firmware -
Cisco Spa525g2 Firmware -
409
VMScore
CVE-2019-15959
A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate malicious user to execute arbitrary commands on the device. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An ...
Cisco Spa500 Series Ip Phones Firmware
409
VMScore
CVE-2019-1923
A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate malicious user to execute arbitrary commands on the device. The vulnerability is due to improper input validation in the device configuration interface. An attacker could exploit th...
Cisco Spa501g Firmware
Cisco Spa502g Firmware
Cisco Spa504g Firmware
Cisco Spa508g Firmware
Cisco Spa509g Firmware
Cisco Spa512g Firmware
Cisco Spa514g Firmware
Cisco Spa525g2 Firmware
Cisco Spa500s Firmware
Cisco Spa500ds Firmware
516
VMScore
CVE-2019-1683
A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote malicious user to listen to or control some aspects of a Transport Level Security (TLS)-encrypted Session Initiation Protocol (SIP...
Cisco Spa112 Firmware 1.4.2
Cisco Spa525 Firmware 7.6.2
Cisco Spa5x5 Firmware 7.6.2
Cisco Spa500 Firmware 1.4.2
Cisco Spa500s Firmware 1.4.2
Cisco Spa500ds Firmware 1.4.2
Cisco Spa501g Firmware 1.4.2
Cisco Spa502g Firmware 1.4.2
Cisco Spa504g Firmware 1.4.2
Cisco Spa508g Firmware 1.4.2
Cisco Spa509g Firmware 1.4.2
Cisco Spa512g Firmware 1.4.2
Cisco Spa514g Firmware 1.4.2
Cisco Spa525g Firmware 1.4.2
605
VMScore
CVE-2017-12271
A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote malicious user to execute unwanted actions on an affected device. The vulnerability is due to a lack of cross-site request forgery (CSRF) protection. An attacker could exploit this ...
Cisco Spa300 Firmware
Cisco Spa500 Firmware
694
VMScore
CVE-2017-12219
A vulnerability in the handling of IP fragments for the Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones could allow an unauthenticated, remote malicious user to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnera...
Cisco Spa 301 Firmware 7.6.2
Cisco Spa 303 Firmware 7.6.2
Cisco Spa 500ds Firmware 7.6.2
Cisco Spa 500s Firmware 7.6.2
Cisco Spa 501g Firmware 7.6.2
Cisco Spa 502g Firmware 7.6.2
Cisco Spa 504g Firmware 7.6.2
Cisco Spa 508g Firmware 7.6.2
Cisco Spa 509g Firmware 7.6.2
Cisco Spa 512g Firmware 7.6.2
Cisco Spa 514g Firmware 7.6.2
694
VMScore
CVE-2016-1469
The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote malicious users to cause a denial of service (device outage) via a series of malformed HTTP requests, aka Bug ID CSCut67385.
Cisco Spa300 Firmware
Cisco Spa500 Firmware
641
VMScore
CVE-2015-6403
The TFTP implementation on Cisco Small Business SPA30x, SPA50x, SPA51x phones 7.5.7 improperly validates firmware-image file integrity, which allows local users to load a Trojan horse image by leveraging shell access, aka Bug ID CSCut67400.
Cisco Spa500 Firmware 7.5.7
Cisco Spa300 Firmware 7.5.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-38627
CVE-2022-45803
CVE-2024-38319
camera
template injection
CVE-2024-27801
CVE-2024-0762
CVE-2024-5791
unauthorized
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started