VYPR

IP Phone 8800 Series Firmware

by Cisco Systems, Inc.

CVEs (32)

  • CVE-2018-0341HigJul 16, 2018
    risk 0.58cvss 8.8epss 0.06

    A vulnerability in the web-based UI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware before 11.2(1) could allow an authenticated, remote attacker to perform a command injection and execute commands with the privileges of the web server. The vulnerability…

  • CVE-2016-1403HigJun 4, 2016
    risk 0.51cvss 7.8epss 0.01

    CISCO IP 8800 phones with software 11.0.1 and earlier allow local users to gain privileges for OS command execution via crafted CLI commands, aka Bug ID CSCuz03005.

  • CVE-2018-0325HigMay 17, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 7800 Series phones and Cisco IP Phone 8800 Series phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone. The…

  • CVE-2016-1479HigAug 22, 2016
    risk 0.49cvss 7.5epss 0.03

    Cisco IP Phone 8800 devices with software 11.0(1) allow remote attackers to cause a denial of service (memory corruption) via a crafted HTTP request, aka Bug ID CSCuz03038.

  • CVE-2016-1421HigJun 10, 2016
    risk 0.49cvss 7.5epss 0.04

    A vulnerability in the web application for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability exists because the…

  • CVE-2015-6360HigApr 21, 2016
    risk 0.49cvss 7.5epss 0.08

    The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.

  • CVE-2016-1435HigJun 23, 2016
    risk 0.46cvss 7.0epss 0.00

    Cisco 8800 phones with software 11.0(1) do not properly enforce mounted-filesystem permissions, which allows local users to write to arbitrary files by leveraging shell access, aka Bug ID CSCuz03014.

  • CVE-2017-12305MedNov 16, 2017
    risk 0.44cvss 6.7epss 0.01

    A vulnerability in the debug interface of Cisco IP Phone 8800 series could allow an authenticated, local attacker to execute arbitrary commands, aka Debug Shell Command Injection. The vulnerability is due to insufficient input validation. An attacker could exploit this…

  • CVE-2016-1434MedJun 23, 2016
    risk 0.42cvss 6.5epss 0.01

    The license-certificate upload functionality on Cisco 8800 phones with software 11.0(1) allows remote authenticated users to delete arbitrary files via an invalid file, aka Bug ID CSCuz03010.

  • CVE-2017-12328MedNov 30, 2017
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in Session Initiation Protocol (SIP) call handling in Cisco IP Phone 8800 Series devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the SIP process unexpectedly restarts. All active phone calls are dropped…

  • CVE-2017-6656MedJun 13, 2017
    risk 0.38cvss 5.9epss 0.02

    A vulnerability in Session Initiation Protocol (SIP) call handling of Cisco IP Phone 8800 Series devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the SIP process unexpectedly restarting. All active phone calls are…

  • CVE-2017-6630MedMay 22, 2017
    risk 0.35cvss 5.3epss 0.02

    A vulnerability in the Session Initiation Protocol (SIP) implementation of Cisco IP Phone 8851 11.0(0.1) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to an abnormal SIP message. An attacker could exploit…

  • CVE-2016-1476MedAug 22, 2016
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting (XSS) vulnerability on Cisco IP Phone 8800 devices with software 11.0 allows remote authenticated users to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCuz03024.

  • CVE-2024-20454Aug 7, 2024
    risk 0.01cvss epss 0.07

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with…

  • CVE-2019-1716Mar 22, 2019
    risk 0.01cvss epss 0.03

    A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary…

  • CVE-2025-20335Sep 3, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to a lack of…

  • CVE-2025-20336Sep 3, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability exists…

  • CVE-2021-1379Nov 18, 2024
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) implementations for Cisco IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP…

  • CVE-2024-20533Nov 6, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks against…

  • CVE-2024-20445Nov 6, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper storage…

Page 1 of 2