cbcvebase.
CVE-2024-20454
published 2024-08-07

CVE-2024-20454: Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones…

PriorityP277critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
6.60%
93.0th percentile
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges. These vulnerabilities exist because incoming HTTP packets are not properly checked for errors, which could result in a buffer overflow. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to overflow an internal buffer and execute arbitrary commands at the root privilege level.

Affected

34 ranges· showing 25
VendorProductVersion rangeFixed in
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones
ciscocisco_small_business_ip_phones

Detection & IOCsextracted from sources · hover to see the quote

  • Detect exploitation attempts by monitoring for crafted HTTP requests targeting the web-based management interface of Cisco SPA300/SPA500 IP phones, which trigger a buffer overflow via malformed/oversized HTTP packets
  • Monitor HTTP traffic to Cisco SPA300/SPA500 web management interfaces for anomalously large or malformed HTTP packets that do not conform to expected structure, indicative of buffer overflow exploitation (CWE-120)
  • All five related flaws (CVE-2024-20450, CVE-2024-20452, CVE-2024-20454, CVE-2024-20451, CVE-2024-20453) affect SPA300 and SPA500 regardless of device configuration and are independently exploitable; alert on any unauthenticated HTTP requests to the management interface of these devices
  • ·No software fix is available and no workarounds exist; Cisco has not released and will not release patches for SPA300 or SPA500 series phones — network-level controls (e.g., blocking external access to the web management interface) are the only mitigation
  • ·All software releases running on SPA300 and SPA500 are vulnerable; there is no safe/patched version to allowlist or target for upgrade

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vendor_cisco9.8CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.