Spa 301 1 Line Ip Phone

spa_301_1_line_ip_phone

Vendor: Cisco • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-0670 1Cisco 15Spa300 Firmware Spa500 FirmwareSpa 301 1 Line Ip Phone+12 more May 6, 2026 Mar 21, 2015 N/A· v4 N/A· v3 6.4 MEDIUM· v2 The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which allows remote attackers to read audio-stream data or originate telephone calls v...Show more The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which allows remote attackers to read audio-stream data or originate telephone calls via a crafted XML request, aka Bug ID CSCuo52482.Show less
CVE-2014-3313 1Cisco 16Spa901 1 Line Ip Phone Spa922 1 Line Ip Phone With 1 Port EthernetSpa941 4 Line Ip Phone With 1 Port Ethernet+13 more May 6, 2026 Jul 9, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the web user interface on Cisco Small Business SPA300 and SPA500 phones allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuo52582.
CVE-2014-3312 1Cisco 16Spa901 1 Line Ip Phone Spa922 1 Line Ip Phone With 1 Port EthernetSpa941 4 Line Ip Phone With 1 Port Ethernet+13 more May 6, 2026 Jul 9, 2014 N/A· v4 N/A· v3 6.9 MEDIUM· v2 The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory...Show more The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory or a filesystem, via direct access to this interface, aka Bug ID CSCun77435.Show less