Skip to main content

Spa500Ds Firmware

4 CVEs product

Monthly

CVE-2023-20218 MEDIUM This Month

A vulnerability in web-based management interface of Cisco SPA500 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to to modify a web page in the context of a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Spa500Ds Firmware Spa500S Firmware Spa501G Firmware +9
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-20181 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to conduct XSS attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Spa500Ds Firmware Spa500S Firmware Spa501G Firmware +9
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2019-1923 MEDIUM This Month

A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Spa501G Firmware Spa502G Firmware Spa504G Firmware +7
NVD
CVSS 3.1
6.6
EPSS
0.5%
CVE-2019-1683 HIGH This Week

A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote attacker to listen to or control some aspects of. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Information Disclosure Spa112 Firmware Spa525 Firmware Spa5X5 Firmware +11
NVD
CVSS 3.1
7.4
EPSS
0.9%
EPSS 0% CVSS 6.1
MEDIUM This Month

A vulnerability in web-based management interface of Cisco SPA500 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to to modify a web page in the context of a. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Spa500Ds Firmware +11
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to conduct XSS attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco XSS Spa500Ds Firmware +11
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Spa501G Firmware +9
NVD
EPSS 1% CVSS 7.4
HIGH This Week

A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote attacker to listen to or control some aspects of. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Information Disclosure Spa112 Firmware +13
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy