← Back

Spa901 1 Line Ip Phone

spa901_1-line_ip_phone

Vendor: Cisco • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2014-3313
1Cisco
16Spa901 1 Line Ip Phone
Spa922 1 Line Ip Phone With 1 Port EthernetSpa941 4 Line Ip Phone With 1 Port Ethernet+13 more
May 6, 2026
Jul 9, 2014
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the web user interface on Cisco Small Business SPA300 and SPA500 phones allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuo52582.
CVE-2014-3312
1Cisco
16Spa901 1 Line Ip Phone
Spa922 1 Line Ip Phone With 1 Port EthernetSpa941 4 Line Ip Phone With 1 Port Ethernet+13 more
May 6, 2026
Jul 9, 2014
N/A· v4
N/A· v3
6.9 MEDIUM· v2
The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory...Show more
The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory or a filesystem, via direct access to this interface, aka Bug ID CSCun77435.Show less