Vulnerabilities > Cisco > IP Phone 8861 Firmware > 12.8.1.sr1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-20 | CVE-2023-20018 | Incorrect Authorization vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device. This vulnerability is due to insufficient validation of user-supplied input. | 6.5 |
| 2022-12-12 | CVE-2022-20968 | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device. This vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets. | 8.8 |
| 2022-01-14 | CVE-2022-20660 | Cleartext Storage of Sensitive Information vulnerability in Cisco products A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. | 4.6 |
| 2021-10-06 | CVE-2021-34711 | Path Traversal vulnerability in Cisco products A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. | 5.5 |