Cisco Spa509G Firmware vulnerabilities

CVE-2019-1923 [MEDIUM] CWE-77 CVE-2019-1923: A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate a A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. The vulnerability is due to improper input validation in the device configuration interface. An attacker could exploit this vulnerability by accessing the configuration interface, which may require a p

CVE-2019-1683 [HIGH] CWE-295 CVE-2019-1683: A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote attacker to listen to or control some aspects of a Transport Level Security (TLS)-encrypted Session Initiation Protocol (SIP) conversation. The vulnerability is due to the improper validation of server cer