VYPR

SPA112 2-Port Phone Adapter

by Cisco Systems, Inc.

CVEs (20)

  • CVE-2023-20126CriMay 4, 2023
    risk 0.67cvss 9.8epss 0.38

    A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade…

  • CVE-2019-15252HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15251HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15250HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15249HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15248HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15247HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15246HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15245HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15244HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15243HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15242HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15241HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15240HigOct 16, 2019
    risk 0.52cvss 8.0epss 0.01

    Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based…

  • CVE-2019-15258MedOct 16, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper validation of…

  • CVE-2019-15257MedOct 16, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to improper restrictions on configuration…

  • CVE-2019-12708MedOct 16, 2019
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to unsafe handling of user credentials. An…

  • CVE-2019-12704MedOct 16, 2019
    risk 0.42cvss 6.5epss 0.02

    A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to view the contents of arbitrary files on an affected device. The vulnerability is due to improper input validation in the…

  • CVE-2019-12702MedOct 16, 2019
    risk 0.35cvss 5.4epss 0.01

    A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to insufficient validation of user-supplied input by the…

  • CVE-2019-1956MedAug 8, 2019
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based interface of the Cisco SPA112 2-Port Phone Adapter could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against another user of the device. The vulnerability is due to insufficient validation of…