VYPR

SPA 500 series IP phones

by Cisco Systems, Inc.

CVEs (3)

  • CVE-2023-20181Aug 3, 2023
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to conduct XSS attacks. This vulnerability is due to insufficient validation of user-supplied input by the web-based management…

  • CVE-2019-15959Sep 23, 2020
    risk 0.00cvss epss 0.00

    A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An…

  • CVE-2012-0333May 2, 2012
    risk 0.00cvss epss 0.01

    Cisco Small Business IP phones with SPA 500 series firmware 7.4.9 and earlier do not require authentication for Push XML requests, which allows remote attackers to make telephone calls via an XML document, aka Bug ID CSCts08768.