Vulnerabilities > Cisco > Wireless IP Phone 8821 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-01-20 CVE-2023-20018 Incorrect Authorization vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device. This vulnerability is due to insufficient validation of user-supplied input.
network
low complexity
cisco CWE-863
6.5
2022-01-14 CVE-2022-20660 Cleartext Storage of Sensitive Information vulnerability in Cisco products
A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device.
low complexity
cisco CWE-312
4.6
2021-10-06 CVE-2021-34711 Path Traversal vulnerability in Cisco products
A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system.
local
low complexity
cisco CWE-22
5.5
2021-07-22 CVE-2021-33478 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products
The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device.
low complexity
cisco CWE-119
6.8
2021-05-11 CVE-2020-26141 Improper Validation of Integrity Check Value vulnerability in multiple products
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H.
low complexity
alfa cisco siemens CWE-354
6.5
2020-02-05 CVE-2020-3111 Improper Input Validation vulnerability in Cisco products
A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone.
low complexity
cisco CWE-20
8.8
2019-05-03 CVE-2019-1635 Improper Handling of Exceptional Conditions vulnerability in Cisco products
A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition.
network
low complexity
cisco CWE-755
7.5