漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Cisco IP Phone Software Arbitrary File Read Vulnerability
Vulnerability Description
A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted input to a debug shell command. A successful exploit could allow the attacker to read any file on the device file system.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
绝对路径遍历
Vulnerability Title
Cisco IP Phone 路径遍历漏洞
Vulnerability Description
Cisco IP Phone是美国思科(Cisco)公司的一个硬件设备。提供通话功能的IP电话。 Cisco IP Phone 存在路径遍历漏洞,该漏洞源于输入验证不足。攻击者可以通过向调试 shell 命令提供精心设计的输入来利用此漏洞。成功的利用可能允许攻击者读取设备文件系统上的任何文件。
CVSS Information
N/A
Vulnerability Type
N/A