Vulnerabilities > Cisco > IP Phone 8821 EX Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-01-20 CVE-2023-20018 Incorrect Authorization vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device. This vulnerability is due to insufficient validation of user-supplied input.
network
low complexity
cisco CWE-863
6.5
2020-04-15 CVE-2020-3161 Improper Input Validation vulnerability in Cisco products
A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-20
critical
9.8
2019-03-22 CVE-2019-1765 Path Traversal vulnerability in Cisco products
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem.
network
low complexity
cisco CWE-22
6.5
2019-03-22 CVE-2019-1764 Cross-Site Request Forgery (CSRF) vulnerability in Cisco products
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack.
network
low complexity
cisco CWE-352
8.8
2019-03-22 CVE-2019-1763 Unspecified vulnerability in Cisco products
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition.
network
low complexity
cisco
7.5
2019-03-22 CVE-2019-1716 Improper Input Validation vulnerability in Cisco products
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code.
network
low complexity
cisco CWE-20
critical
9.8