The web framework on Cisco Unified IP 9900 phones with firmware 9.4(.1) and previous versions allows remote malicious users to upload files to arbitrary locations on a phone's filesystem via crafted HTTP requests, aka Bug ID CSCup90424.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco unified_ip_phones_9971_firmware 9.4\\(.1\\) |
||
cisco unified_ip_phones_9951_firmware 9.4\\(.1\\) |