Cisco Spa112 2-Port Phone Adapter vulnerabilities

CVE-2019-15241 [HIGH] CWE-119 CVE-2019-15241: Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an auth Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenti

CVE-2019-15246 [HIGH] CWE-119 CVE-2019-15246: Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an auth Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenti

CVE-2019-15240 [HIGH] CWE-119 CVE-2019-15240: Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an auth Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenti

CVE-2019-15247 [HIGH] CWE-119 CVE-2019-15247: Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an auth Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenti

CVE-2019-15252 [HIGH] CWE-119 CVE-2019-15252: Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an auth Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenti

CVE-2019-15242 [HIGH] CWE-119 CVE-2019-15242: Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an auth Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenti

CVE-2019-15250 [HIGH] CWE-119 CVE-2019-15250: Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an auth Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenti

CVE-2019-15244 [HIGH] CWE-119 CVE-2019-15244: Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an auth Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenti

CVE-2019-15248 [HIGH] CWE-119 CVE-2019-15248: Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an auth Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenti

CVE-2019-15245 [HIGH] CWE-119 CVE-2019-15245: Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an auth Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenti

CVE-2019-15243 [HIGH] CWE-119 CVE-2019-15243: Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an auth Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenti

CVE-2019-15251 [HIGH] CWE-119 CVE-2019-15251: Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an auth Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenti

CVE-2019-15249 [HIGH] CWE-119 CVE-2019-15249: Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an auth Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenti

CVE-2019-12708 [MEDIUM] CWE-200 CVE-2019-12708: A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapte A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to unsafe handling of user credentials. An attacker could exploit this vulnerability by viewing portions of the web

CVE-2019-15257 [MEDIUM] CWE-200 CVE-2019-15257: A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapte A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to improper restrictions on configuration information. An attacker could exploit this vulnerability by sending a re

CVE-2019-12704 [MEDIUM] CWE-200 CVE-2019-12704: A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapte A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to view the contents of arbitrary files on an affected device. The vulnerability is due to improper input validation in the web-based management interface. An attacker could exploit this vulnerab

CVE-2019-15258 [MEDIUM] CWE-399 CVE-2019-15258: A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapte A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper validation of user-supplied requests to the web-based management interface. An attacker could ex

CVE-2019-12702 [MEDIUM] CWE-79 CVE-2019-12702: A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapte A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker coul

CVE-2019-1956 [MEDIUM] CWE-79 CVE-2019-1956: A vulnerability in the web-based interface of the Cisco SPA112 2-Port Phone Adapter could allow an a A vulnerability in the web-based interface of the Cisco SPA112 2-Port Phone Adapter could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against another user of the device. The vulnerability is due to insufficient validation of user-supplied input by the web-based interface of the affected device. An attacker cou