Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Information Arbitrary File Write Vulnerability
Vulnerability Description
A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to a lack of proper authentication controls. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to perform arbitrary file writes to specific directories in the underlying operating system. Note: To exploit this vulnerability, Web Access must be enabled on the phone. Web Access is disabled by default.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
Cisco多款产品 访问控制错误漏洞
Vulnerability Description
Cisco IP Phone 8800 Series等都是美国思科(Cisco)公司的产品。Cisco IP Phone 8800 Series是一款8800系列的IP电话。Cisco IP Phone 7800 Series是一款7800系列IP电话。Cisco Desk Phone 9800 Series是一系列IP电话。 Cisco多款产品存在访问控制错误漏洞,该漏洞源于目录权限控制不当,可能导致任意文件写入。以下产品受到影响:Cisco Desk Phone 9800 Series、Cisco I
CVSS Information
N/A
Vulnerability Type
N/A