← Back

Spa941

spa941

Vendor: Linksys • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2007-5411
1Linksys
1Spa941
Apr 23, 2026
Oct 12, 2007
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows remote attackers to inject arbitrary web script or HTML via the From header in a SIP message.
CVE-2007-2270
1Linksys
1Spa941
Apr 23, 2026
Apr 25, 2007
N/A· v4
N/A· v3
7.8 HIGH· v2
The Linksys SPA941 VoIP Phone allows remote attackers to cause a denial of service (device reboot) via a 0377 (0xff) character in the From header, and possibly certain other locations, in a SIP INVITE request.