CVEs (4)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Cisco 15Spa300 Firmware Spa500 FirmwareSpa 301 1 Line Ip Phone+12 moreMay 6, 2026 Mar 21, 2015 N/A· v4 N/A· v3 6.4 MEDIUM· v2 The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which allows remote attackers to read audio-stream data or originate telephone calls v...Show more |
1Cisco 16Spa901 1 Line Ip Phone Spa922 1 Line Ip Phone With 1 Port EthernetSpa941 4 Line Ip Phone With 1 Port Ethernet+13 moreMay 6, 2026 Jul 9, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the web user interface on Cisco Small Business SPA300 and SPA500 phones allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuo52582. |
1Cisco 16Spa901 1 Line Ip Phone Spa922 1 Line Ip Phone With 1 Port EthernetSpa941 4 Line Ip Phone With 1 Port Ethernet+13 moreMay 6, 2026 Jul 9, 2014 N/A· v4 N/A· v3 6.9 MEDIUM· v2 The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory...Show more |
1Cisco 18Spa2102 Phone Adapter With Router Spa2102 Phone Adapter With Router FirmwareSpa3102 Voice Gateway With Router+15 moreApr 29, 2026 Jun 13, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the SIP implementation on the Cisco SPA8000 and SPA8800 before 6.1.11, SPA2102 and SPA3102 before 5.2.13, and SPA 500 series IP phones before 7.4.9 allows remote attackers to i...Show more |