Vulnerabilities > Cisco > IP Phone 6841 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-03-03 CVE-2023-20078 Out-of-bounds Write vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition.
network
low complexity
cisco CWE-787
critical
9.8
2023-03-03 CVE-2023-20079 Out-of-bounds Write vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition.
network
low complexity
cisco CWE-787
7.5
2022-04-06 CVE-2022-20774 Cross-Site Request Forgery (CSRF) vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based interface of an affected system.
network
low complexity
cisco CWE-352
8.1
2020-02-05 CVE-2020-3111 Improper Input Validation vulnerability in Cisco products
A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone.
low complexity
cisco CWE-20
8.8
2020-01-26 CVE-2019-16008 Cross-site Scripting vulnerability in Cisco products
A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of an affected system.
network
low complexity
cisco CWE-79
5.4