Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges. These vulnerabilities exist because incoming HTTP packets are not properly checked for errors, which could result in a buffer overflow. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to overflow an internal buffer and execute arbitrary commands at the root privilege level.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Vulnerability Title
Cisco Small Business SPA300 Series IP Phones和Cisco Small Business SPA500 Series IP Phones 安全漏洞
Vulnerability Description
Cisco Small Business SPA500 Series IP Phones和Cisco Small Business SPA300 Series IP Phones都是美国思科(Cisco)公司的产品。Cisco Small Business SPA500 Series IP Phones是一款SPA500系列IP电话。Cisco Small Business SPA300 Series IP Phones是一款SPA300系列IP电话。 Cisco Small Business SPA30
CVSS Information
N/A
Vulnerability Type
N/A