Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IP Phone Software Arbitrary File Read Vulnerability
Vulnerability Description
A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by providing crafted input to a debug shell command. A successful exploit could allow the attacker to read any file on the device file system.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
绝对路径遍历
Vulnerability Title
Cisco IP Phone 路径遍历漏洞
Vulnerability Description
Cisco IP Phone是美国思科(Cisco)公司的一个硬件设备。提供通话功能的IP电话。 Cisco IP Phone 存在路径遍历漏洞,该漏洞源于输入验证不足。攻击者可以通过向调试 shell 命令提供精心设计的输入来利用此漏洞。成功的利用可能允许攻击者读取设备文件系统上的任何文件。
CVSS Information
N/A
Vulnerability Type
N/A