VYPR

Ata 187 Analog Telephone Adaptor

by Cisco Systems, Inc.

CVEs (18)

  • CVE-2021-34735HigOct 6, 2021
    risk 0.57cvss 8.8epss 0.02

    Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial of service (DoS) condition on an affected device. For more information about…

  • CVE-2021-34710HigOct 6, 2021
    risk 0.57cvss 8.8epss 0.03

    Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial of service (DoS) condition on an affected device. For more information about…

  • CVE-2024-20458HigOct 16, 2024
    risk 0.53cvss 8.2epss 0.01

    A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to view or delete the configuration or change the firmware on an affected device. This vulnerability is due to a…

  • CVE-2024-20421HigOct 16, 2024
    risk 0.46cvss 7.1epss 0.00

    A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. This…

  • CVE-2024-20459MedOct 16, 2024
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the web-based management interface of Cisco ATA 190 Multiplatform Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with high privileges to execute arbitrary commands as the root user on the underlying operating system. …

  • CVE-2024-20460MedOct 16, 2024
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user. This vulnerability is due to insufficient…

  • CVE-2024-20461MedOct 16, 2024
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized.…

  • CVE-2024-20462MedOct 16, 2024
    risk 0.36cvss 5.5epss 0.00

    A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local attacker with low privileges to view passwords on an affected device. This vulnerability is due to incorrect…

  • CVE-2024-20463MedOct 16, 2024
    risk 0.35cvss 5.4epss 0.00

    A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to modify the configuration or reboot an affected device. This vulnerability is due to the HTTP server allowing…

  • CVE-2024-20420MedOct 16, 2024
    risk 0.35cvss 5.4epss 0.00

    A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with low privileges to run commands as an Admin user. This vulnerability is due to incorrect authorization…

  • CVE-2022-20691MedDec 12, 2022
    risk 0.35cvss 5.3epss 0.01

    A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause a DoS condition of an affected device. This vulnerability is due to missing length validation of…

  • CVE-2022-20690MedDec 12, 2022
    risk 0.35cvss 5.3epss 0.01

    Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco Discovery Protocol memory corruption on an affected device. These vulnerabilities…

  • CVE-2022-20689MedDec 12, 2022
    risk 0.35cvss 5.3epss 0.01

    Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco Discovery Protocol memory corruption on an affected device. These vulnerabilities…

  • CVE-2022-20688MedDec 12, 2022
    risk 0.35cvss 5.3epss 0.01

    A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause Cisco Discovery Protocol service to restart. This…

  • CVE-2022-20687MedDec 12, 2022
    risk 0.35cvss 5.3epss 0.01

    Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause the LLDP service to restart. …

  • CVE-2022-20686MedDec 12, 2022
    risk 0.35cvss 5.3epss 0.01

    Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause the LLDP service to restart. …

  • CVE-2002-0769Aug 12, 2002
    risk 0.04cvss epss 0.08

    The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the…

  • CVE-2013-1111Feb 13, 2013
    risk 0.00cvss epss 0.01

    The Cisco ATA 187 Analog Telephone Adaptor with firmware 9.2.1.0 and 9.2.3.1 before ES build 4 does not properly implement access control, which allows remote attackers to execute operating-system commands via vectors involving a session on TCP port 7870, aka Bug ID CSCtz67038.