Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Small Business SPA500 Series IP Phones Local Script Execution Vulnerability
Vulnerability Description
A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker could exploit this vulnerability by accessing the physical interface of a device and inserting a USB storage device. A successful exploit could allow the attacker to execute scripts on the device in an elevated security context.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cisco Small Business SPA500 Series IP Phones 输入验证错误漏洞
Vulnerability Description
Cisco Small Business SPA500 Series IP Phones是美国思科(Cisco)公司的一款SPA500系列IP电话。 使用7.6.2SR5及之前版本固件的Cisco Small Business SPA500 Series IP Phones中存在输入验证错误漏洞。该漏洞源于设备中带有开发测试和验证脚本。物理位置临近的攻击者可通过插入USB存储设备利用该漏洞在设备上执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A