Skip to main content

Ip Phone 8861 Firmware

20 CVEs product

Monthly

CVE-2025-20336 MEDIUM This Month

A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Desk Phone 9841 Firmware Desk Phone 9851 Firmware Desk Phone 9861 Firmware +14
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-20335 MEDIUM This Month

A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to write. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Desk Phone 9841 Firmware Desk Phone 9851 Firmware Desk Phone 9861 Firmware +14
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-20445 MEDIUM This Month

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Desk Phone 9841 Firmware Desk Phone 9851 Firmware Desk Phone 9861 Firmware +15
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-20079 HIGH This Week

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Cisco Stack Overflow +21
NVD
CVSS 3.1
7.5
EPSS
10.3%
CVE-2023-20078 CRITICAL Act Now

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Cisco Stack Overflow +17
NVD
CVSS 3.1
9.8
EPSS
10.4%
CVE-2023-20018 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Ip Phone 7800 Firmware Ip Phone 7811 Firmware Ip Phone 7821 Firmware +19
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-20968 HIGH This Week

A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Cisco RCE Memory Corruption +13
NVD
CVSS 3.1
8.8
EPSS
6.1%
CVE-2022-20774 HIGH This Week

A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco CSRF Ip Phone 6871 Firmware Ip Phone 6861 Firmware +15
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2021-34711 MEDIUM This Month

A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Ip Conference Phone 7832 Firmware Ip Conference Phone 8832 Firmware Ip Phone 7811 Firmware +13
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-33478 MEDIUM This Month

The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE Broadcom Ip Phone 8800 Firmware +14
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2020-26141 MEDIUM CISA This Month

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Code Injection Microsoft Awus036H Firmware Meraki Gr10 Firmware Meraki Gr60 Firmware +92
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.3%
CVE-2020-26140 MEDIUM CISA This Month

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Code Injection Microsoft Awus036H Firmware Scalance W1748 1 Firmware Scalance W1750D Firmware +191
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.2%
CVE-2020-26139 MEDIUM PATCH CISA This Month

An issue was discovered in the kernel in NetBSD 7.1. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Netbsd Debian Linux C 100 Firmware C 110 Firmware +162
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
1.1%
CVE-2020-24588 LOW POC CISA Monitor

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is. Rated low severity (CVSS 3.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Ieee 802 11 Mac80211 Windows 10 Windows 7 +177
NVD GitHub VulDB
CVSS 3.1
3.5
EPSS
0.3%
Threat
4.2
CVE-2020-3574 HIGH PATCH This Week

A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Cisco Denial Of Service Ip Dect 210 Firmware Ip Dect 6825 Firmware Ip Phone 8811 Firmware +5
NVD
CVSS 3.1
7.5
EPSS
7.9%
CVE-2020-3161 CRITICAL POC KEV THREAT Act Now

A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Denial Of Service Ip Phone 8865 Firmware Ip Phone 8851 Firmware Ip Phone 7841 Firmware +10
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
83.7%
CVE-2020-3111 HIGH This Week

A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Ip Conference Phone 7832 Firmware Ip Conference Phone 7832 With Multiplatform Firmware Ip Conference Phone 8832 Firmware +30
NVD
CVSS 3.1
8.8
EPSS
3.1%
CVE-2019-1922 HIGH This Week

A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Cisco Ip Conference Phone 7832 Firmware Ip Conference Phone 8832 Firmware +10
NVD
CVSS 3.0
7.5
EPSS
1.3%
CVE-2019-1635 HIGH This Week

A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Ip Conference Phone 7832 Firmware Ip Conference Phone 8832 Firmware Ip Phone 7811 Firmware +13
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2019-1684 MEDIUM This Month

A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Ip Phone 8800 Firmware Ip Phone 7800 Firmware Ip Conference Phone 7832 Firmware +11
NVD
CVSS 3.1
6.5
EPSS
0.6%
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Desk Phone 9841 Firmware +16
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to write. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Desk Phone 9841 Firmware +16
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Desk Phone 9841 Firmware +17
NVD
EPSS 10% CVSS 7.5
HIGH This Week

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE +23
NVD
EPSS 10% CVSS 9.8
CRITICAL Act Now

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE +19
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones could allow an unauthenticated, remote attacker to bypass authentication on an affected device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Ip Phone 7800 Firmware +21
NVD
EPSS 6% CVSS 8.8
HIGH This Week

A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Cisco +15
NVD
EPSS 0% CVSS 8.1
HIGH This Week

A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco CSRF +17
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Ip Conference Phone 7832 Firmware +15
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE +16
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Code Injection Microsoft Awus036H Firmware +94
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Code Injection Microsoft Awus036H Firmware +193
NVD GitHub VulDB
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

An issue was discovered in the kernel in NetBSD 7.1. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Netbsd Debian Linux +164
NVD GitHub VulDB
EPSS 0% 4.2 CVSS 3.5
LOW POC Monitor

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is. Rated low severity (CVSS 3.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Ieee 802 11 Mac80211 +179
NVD GitHub VulDB
EPSS 8% CVSS 7.5
HIGH PATCH This Week

A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Cisco Denial Of Service Ip Dect 210 Firmware +7
NVD
EPSS 84% CVSS 9.8
CRITICAL POC KEV THREAT Act Now

A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Denial Of Service Ip Phone 8865 Firmware +12
NVD Exploit-DB
EPSS 3% CVSS 8.8
HIGH This Week

A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Ip Conference Phone 7832 Firmware +32
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Cisco +12
NVD
EPSS 2% CVSS 7.5
HIGH This Week

A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Ip Conference Phone 7832 Firmware +15
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Ip Phone 8800 Firmware +13
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy