Описание
The web framework on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to upload files to arbitrary locations on a phone's filesystem via crafted HTTP requests, aka Bug ID CSCup90424.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:cisco:unified_ip_phones_9971_firmware:9.4\(.1\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:unified_ip_phone_9971:*:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:cisco:unified_ip_phones_9951_firmware:9.4\(.1\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:unified_ip_phone_9951:*:*:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00175
Низкий
5 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
больше 3 лет назад
The web framework on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to upload files to arbitrary locations on a phone's filesystem via crafted HTTP requests, aka Bug ID CSCup90424.
EPSS
Процентиль: 39%
0.00175
Низкий
5 Medium
CVSS2
Дефекты
CWE-20