CVE-2023-20126
published 2023-05-04


Priority: P1 (80)
Severity: critical, CVSS 3.1 base score 9.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 38.15% (98.4th percentile)
A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An attacker could exploit this vulnerability by upgrading an affected device to a crafted version of firmware. A successful exploit could allow the attacker to execute arbitrary code on the affected device with full privileges. Cisco has not released firmware updates to address this vulnerability.
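The flaw class described above, missing authentication in front of a firmware upgrade function, is easiest to see as the vulnerable handler beside a hardened one. The code below is an illustration added by the editor; it is not the SPA112 firmware (whose internals are not public), and every name, path and key in it is assumed. The hardened version makes the two checks a device in this position needs: a valid session before the upload is accepted at all, and verification of the image before anything is written to flash. HMAC stands in for the vendor's image-signature check only to keep the example stdlib-only; a real device would verify an asymmetric signature.

```python
"""Missing-authentication firmware upgrade: flawed pattern beside a hardened one.

Illustrative code added by the editor, not the SPA112 firmware. The session
store, flash region, credentials and signing key below are all constructed.
"""
import hashlib
import hmac
import secrets

SESSIONS = set()                       # tokens issued to authenticated clients
FLASH = {"image": b"factory-image"}    # stands in for the writable flash region
IMAGE_KEY = b"vendor-signing-key"      # constructed; stands in for the vendor key
# Constructed admin credential (unsalted SHA-256 only to keep the example short;
# real devices should use a password KDF).
ADMIN_PASSWORD_HASH = hashlib.sha256(b"correct horse").hexdigest()


def login(username, password):
    """Return a session token if the credentials match, else None."""
    digest = hashlib.sha256(password.encode()).hexdigest()
    if username == "admin" and hmac.compare_digest(digest, ADMIN_PASSWORD_HASH):
        token = secrets.token_hex(16)
        SESSIONS.add(token)
        return token
    return None


def sign_image(image):
    """HMAC-SHA256 over the image; stand-in for an asymmetric firmware signature."""
    return hmac.new(IMAGE_KEY, image, hashlib.sha256).digest()


def vulnerable_upgrade(request):
    """The flawed pattern: the handler never consults the session store, so any
    remote client that can reach the interface writes an image straight to flash."""
    FLASH["image"] = request["body"]
    return 200


def hardened_upgrade(request):
    """Require an authenticated session first, then verify the image before any
    write to flash. Unauthenticated uploads get 401, unverifiable images 403."""
    if request.get("session") not in SESSIONS:
        return 401
    body = request["body"]
    signature = request.get("signature", b"")
    if not hmac.compare_digest(sign_image(body), signature):
        return 403
    FLASH["image"] = body
    return 200


if __name__ == "__main__":
    # Unauthenticated push: accepted by the flawed handler, refused by the hardened one.
    print("vulnerable:", vulnerable_upgrade({"body": b"attacker-image"}), FLASH["image"])
    print("hardened, no session:", hardened_upgrade({"body": b"attacker-image"}))
    tok = login("admin", "correct horse")
    print("hardened, bad signature:",
          hardened_upgrade({"session": tok, "body": b"x", "signature": b"bad"}))
    print("hardened, good image:",
          hardened_upgrade({"session": tok, "body": b"good", "signature": sign_image(b"good")}))
```

The distinction the advisory draws ("missing authentication process within the firmware upgrade function") maps to the first `if` in `hardened_upgrade`: the vulnerable handler simply has no equivalent, so network reachability of the management interface is the only thing between an attacker and the flash write.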

Affected (3 ranges)

Vendor   Product
cisco    cisco_small_business_ip_phones
cisco    spa112_2-port_phone_adapters
cisco    spa112_firmware

Version range and "Fixed in" are not listed for any of the three; consistent with the advisory, no fixed firmware exists.

Detection & IOCs

  • The firmware upgrade function in the web-based management interface of Cisco SPA112 2-Port Phone Adapters does not require authentication, allowing an unauthenticated remote attacker to push a crafted firmware image and achieve RCE with full privileges.
  • Monitor for HTTP requests targeting the firmware upgrade endpoint on Cisco SPA112 devices; any firmware upgrade initiated without a preceding authenticated session from the same client should be treated as suspicious. Because the device itself performs no authentication for this function, it will not record a rejected attempt, so the check has to run on a proxy, firewall or network sensor in front of the management interface.
  • Cisco has not released firmware updates to address this vulnerability and there are no workarounds available; affected Cisco SPA112 2-Port Phone Adapters remain permanently exposed. The only practical mitigation is network-level: keep the web-based management interface unreachable from untrusted networks and plan to retire the devices.
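The detection rule above, run over sample traffic as an added example (editor's code, not from the advisory or any vendor tooling). The SPA112 advisory does not name the upgrade endpoint's path, so the URI pattern is an assumption to be replaced with what your devices actually expose; the log format (JSON lines from a proxy or sensor in front of the device, with an "auth" flag marking requests that carried a valid session) and the sample lines are constructed. The rule flags an upgrade POST when the same client has shown no authenticated request to that device within a session window, which also catches a push long after a legitimate session has gone stale.

```python
"""Flag firmware-upgrade uploads to a Cisco SPA112 that were not preceded by an
authenticated session from the same client.

Detection example added by the editor; not from the advisory or Cisco.
"""
import json
import re

# Assumed URI pattern for the upgrade endpoint; the advisory does not name the
# path, so adjust this to what your devices actually expose.
UPGRADE_PATTERNS = [re.compile(r"upgrade", re.IGNORECASE)]

# Constructed sample log, not real traffic: one JSON object per HTTP request
# seen by a proxy or network sensor in front of the SPA112 web interface.
# "auth": true marks a request that carried a valid session or login.
SAMPLE_LOG = """\
{"ts": 1, "src": "10.0.0.5", "dst": "10.0.0.20", "method": "POST", "uri": "/login.cgi", "auth": true, "bytes": 120}
{"ts": 2, "src": "10.0.0.5", "dst": "10.0.0.20", "method": "POST", "uri": "/upgrade.cgi", "auth": true, "bytes": 1048576}
{"ts": 3, "src": "203.0.113.9", "dst": "10.0.0.20", "method": "POST", "uri": "/upgrade.cgi", "auth": false, "bytes": 1048576}
{"ts": 4, "src": "10.0.0.7", "dst": "10.0.0.20", "method": "GET", "uri": "/status.htm", "auth": false, "bytes": 0}
{"ts": 5000, "src": "10.0.0.5", "dst": "10.0.0.20", "method": "POST", "uri": "/upgrade.cgi", "auth": false, "bytes": 1048576}
"""


def parse_log(text):
    """Parse JSON-lines into request dicts ordered by timestamp."""
    events = [json.loads(line) for line in text.splitlines() if line.strip()]
    return sorted(events, key=lambda e: e["ts"])


def is_upgrade_request(event):
    """A firmware push is a POST (the image upload) to the upgrade endpoint."""
    return event["method"].upper() == "POST" and any(
        p.search(event["uri"]) for p in UPGRADE_PATTERNS
    )


def detect(text, session_window=900):
    """Return one finding per upgrade POST from a (src, dst) pair that has shown
    no authenticated request within session_window seconds before it."""
    last_auth = {}  # (src, dst) -> ts of the most recent authenticated request
    findings = []
    for ev in parse_log(text):
        key = (ev["src"], ev["dst"])
        if ev.get("auth"):
            last_auth[key] = ev["ts"]
        if not is_upgrade_request(ev):
            continue
        seen = last_auth.get(key)
        if seen is None or ev["ts"] - seen > session_window:
            findings.append({
                "ts": ev["ts"], "src": ev["src"], "dst": ev["dst"],
                "uri": ev["uri"], "bytes": ev["bytes"],
                "reason": "firmware upgrade with no preceding authenticated session",
            })
    return findings


if __name__ == "__main__":
    for finding in detect(SAMPLE_LOG):
        print(finding)
```

On the sample, the push from 203.0.113.9 (no session at all) and the one from 10.0.0.5 at ts 5000 (session long expired) are flagged; the authenticated push at ts 2 is not. Widen `session_window` if your devices keep sessions alive longer.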

CVSS provenance

Source         Version   Score   Severity   Vector
nvd            3.1       9.8     CRITICAL   CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vendor_cisco   -         9.8     CRITICAL   -