Vulnerabilities > Cisco > IP Phone 8811 With Multiplatform Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-08-16 CVE-2023-20221 Cross-Site Request Forgery (CSRF) vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based management interface of an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device.
network
low complexity
cisco CWE-352
6.5
2021-07-22 CVE-2021-33478 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products
The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device.
low complexity
cisco CWE-119
6.8
2020-02-05 CVE-2020-3111 Improper Input Validation vulnerability in Cisco products
A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone.
low complexity
cisco CWE-20
8.8