Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2020-16137

Published: 12/08/2020 Updated: 11/04/2024
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Unified Ip Conference Station 7937g Firmware

Vulnerability Summary

A privilege escalation issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows malicious users to reset the credentials for the SSH administrative console to arbitrary values. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE’s reference information

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco unified_ip_conference_station_7937g_firmware

Exploits

Exploit DB: Cisco 7937G Privilege Escalation
Cisco 7947G versions SIP-1-4-5-7 and below privilege escalation exploit ...
Exploit DB: Cisco 7937G All-In-One Exploiter
This exploit is an all-in-one tool that leverages vulnerabilities described in CVE-2020-16139, CVE-2020-16138, and CVE-2020-16137 against Cisco 7937G devices versions SIP-1-4-5-7 and below ...

Github Repositories

https://github.com/Fans0n-Fan/Cisco-7937G-All-In-One-Exploiter

This exploit is an all-in-one tool for Cisco 7937G

Cisco-7937G-All-In-One-Exploiter This exploit is an all-in-one tool for Cisco 7937G This exploit is an all-in-one tool that leverages vulnerabilities described in CVE-2020-16139, CVE-2020-16138, and CVE-2020-16137 against Cisco 7937G devices versions SIP-1-4-5-7 and below

References

NVD-CWE-noinfohttps://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/https://packetstormsecurity.com/files/158818/Cisco-7937G-Privilege-Escalation.htmlhttps://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.htmlhttps://nvd.nist.govhttps://github.com/Fans0n-Fan/Cisco-7937G-All-In-One-Exploiterhttps://packetstormsecurity.com/files/158818/Cisco-7937G-Privilege-Escalation.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581reflected XSSCVE-2024-26925CVE-2024-27956LFICVE-2024-3607CVE-2024-3107CVE-2024-3295SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook