Vulnerabilities > Cisco > IP Phone 8845 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2023-03-03 CVE-2023-20079 Out-of-bounds Write vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition.
network
low complexity
cisco CWE-787
7.5
2022-12-12 CVE-2022-20968 Out-of-bounds Write vulnerability in Cisco products
A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device. This vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets.
low complexity
cisco CWE-787
8.8
2022-04-06 CVE-2022-20774 Cross-Site Request Forgery (CSRF) vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based interface of an affected system.
network
low complexity
cisco CWE-352
8.1
2020-02-05 CVE-2020-3111 Improper Input Validation vulnerability in Cisco products
A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone.
low complexity
cisco CWE-20
8.8
2019-07-06 CVE-2019-1922 NULL Pointer Dereference vulnerability in Cisco products
A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone.
network
low complexity
cisco CWE-476
7.5
2019-05-03 CVE-2019-1635 Improper Handling of Exceptional Conditions vulnerability in Cisco products
A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition.
network
low complexity
cisco CWE-755
7.5