Unrated severityNVD Advisory· Published Feb 22, 2007· Updated Apr 23, 2026

CVE-2007-1063

Description

The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device.

Affected products

Cisco Systems, Inc./Unified Ip Phone Firmware 7906g
cpe:2.3:o:cisco:unified_ip_phone_firmware_7906g:8.0\(4\):sr1:*:*:*:*:*:*
Cisco Systems, Inc./Unified Ip Phone Firmware 7911g
cpe:2.3:o:cisco:unified_ip_phone_firmware_7911g:8.0\(4\):sr1:*:*:*:*:*:*
Cisco Systems, Inc./Unified Ip Phone Firmware 7941g
cpe:2.3:o:cisco:unified_ip_phone_firmware_7941g:8.0\(4\):sr1:*:*:*:*:*:*
Cisco Systems, Inc./Unified Ip Phone Firmware 7961g
cpe:2.3:o:cisco:unified_ip_phone_firmware_7961g:8.0\(4\):sr1:*:*:*:*:*:*
Cisco Systems, Inc./Unified Ip Phone Firmware 7970g
cpe:2.3:o:cisco:unified_ip_phone_firmware_7970g:8.0\(4\):sr1:*:*:*:*:*:*
Cisco Systems, Inc./Unified Ip Phone Firmware 7971g
cpe:2.3:o:cisco:unified_ip_phone_firmware_7971g:8.0\(4\):sr1:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtmlnvdPatchVendor Advisory
secunia.com/advisories/24262nvdVendor Advisory
www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtmlnvdVendor Advisory
www.securityfocus.com/bid/22647nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
www.vupen.com/english/advisories/2007/0689nvdThird Party Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/32627nvdThird Party AdvisoryVDB Entry
osvdb.org/45246nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000