Cisco SPA100 Series Analog Telephone Adapters Remote Code Execution Vulnerabilities
Description
Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenticating to the web-based management interface and sending crafted requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. Note: The web-based management interface is enabled by default.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Multiple RCE vulnerabilities in Cisco SPA100 Series ATAs allow an authenticated adjacent attacker to execute arbitrary code via crafted web requests.
Vulnerability
Multiple remote code execution vulnerabilities exist in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATA), including models SPA112, SPA122, SPA2102, and SPA3102. The vulnerabilities are caused by improper validation of user-supplied input. An attacker must have authenticated access to the web interface, which is enabled by default. Affected firmware versions are those prior to the fixed releases described in the Cisco security advisory [1].
Exploitation
An authenticated attacker on the same network (adjacent) can send crafted HTTP requests to the web-based management interface of an affected device. No additional user interaction is required beyond authentication. The attacker leverages input validation flaws to inject commands or trigger buffer overflows, leading to code execution.
Impact
Successful exploitation allows the attacker to execute arbitrary code with elevated privileges, effectively gaining full control of the device. This can lead to complete compromise of the ATA, including the ability to modify configuration, intercept traffic, or pivot to other network resources.
Mitigation
Cisco has released free firmware updates to address these vulnerabilities. Affected users should upgrade to the latest firmware version as specified in the Cisco Security Advisory [1]. Details on fixed releases and download instructions are available in the advisory. No workarounds are documented; the web-based management interface can be restricted to trusted networks as a general best practice.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: unspecified
Patches
No patches discovered yet.
References
[1] tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-spa-rce (mitre, vendor-advisory, x_refsource_CISCO)