VYPR

IP Phone firmware

by Cisco Systems, Inc.

CVEs (3)

  • CVE-2024-20378HigMay 1, 2024
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the web-based management interface of Cisco IP Phone firmware could allow an unauthenticated, remote attacker to retrieve sensitive information from an affected device. This vulnerability is due to a lack of authentication for specific endpoints of the…

  • CVE-2024-20376HigMay 1, 2024
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in the web-based management interface of Cisco IP Phone firmware could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a DoS condition. This vulnerability is due to insufficient validation of user-supplied input.…

  • CVE-2024-20357MedMay 1, 2024
    risk 0.38cvss 5.9epss 0.00

    A vulnerability in the XML service of Cisco IP Phone firmware could allow an unauthenticated, remote attacker to initiate phone calls on an affected device. This vulnerability exists because bounds-checking does not occur while parsing XML requests. An attacker could…