Vulnerabilities > Cisco > Spa300 Firmware

DATE CVE VULNERABILITY TITLE RISK
2017-10-19 CVE-2017-12271 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Spa300 Firmware and Spa500 Firmware
A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device.
network
low complexity
cisco CWE-352
8.8
8.8
2016-09-12 CVE-2016-1469 Resource Management Errors vulnerability in Cisco Spa300 Firmware and Spa500 Firmware
The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service (device outage) via a series of malformed HTTP requests, aka Bug ID CSCut67385.
network
low complexity
cisco CWE-399
7.5
7.5