Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the debug interface of Cisco IP Phone 8800 series could allow an authenticated, local attacker to execute arbitrary commands, aka Debug Shell Command Injection. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting additional command input to the affected parameter in the debug shell. Cisco Bug IDs: CSCvf80034.
CVSS Information
N/A
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Cisco IP Phone 8800系列debug界面命令注入漏洞
Vulnerability Description
Cisco IP Phone 8800是美国思科(Cisco)公司的一款提供视频和VoIP通信功能的电话产品。debug interface是其中的一个调试界面。 Cisco IP Phone 8800系列中的debug界面存在命令注入漏洞,该漏洞源于程序没有充分的验证输入。已通过认证的本地攻击者可通过向受影响的参数提交多余的命令输入利用该漏洞执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A