Vulnerabilities > Cisco > Spa500 Firmware > 7.5.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-09-12 | CVE-2016-1469 | Resource Management Errors vulnerability in Cisco Spa300 Firmware and Spa500 Firmware The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service (device outage) via a series of malformed HTTP requests, aka Bug ID CSCut67385. | 7.5 |
2015-12-15 | CVE-2015-6403 | Improper Input Validation vulnerability in Cisco Spa300 Firmware and Spa500 Firmware The TFTP implementation on Cisco Small Business SPA30x, SPA50x, SPA51x phones 7.5.7 improperly validates firmware-image file integrity, which allows local users to load a Trojan horse image by leveraging shell access, aka Bug ID CSCut67400. | 7.2 |