Cisco Spa514G Firmware vulnerabilities

CVE-2019-1923 [MEDIUM] CWE-77 CVE-2019-1923: A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate a A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. The vulnerability is due to improper input validation in the device configuration interface. An attacker could exploit this vulnerability by accessing the configuration interface, which may require a p

CVE-2018-0389 [HIGH] CWE-399 CVE-2018-0389: A vulnerability in the implementation of Session Initiation Protocol (SIP) processing in Cisco Small A vulnerability in the implementation of Session Initiation Protocol (SIP) processing in Cisco Small Business SPA514G IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition. The vulnerability is due to improper processing of SIP request messages by an

CVE-2019-1683 [HIGH] CWE-295 CVE-2019-1683: A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote attacker to listen to or control some aspects of a Transport Level Security (TLS)-encrypted Session Initiation Protocol (SIP) conversation. The vulnerability is due to the improper validation of server cer