CVE-2023-20078

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.

Severity	CRITICAL
CVSS	9.8
CWE	CWE-121
KEV
Published	3 years ago
Modified	1 year ago

Related Products

Product	Advisory
Cisco RV Series Routers	cisco-sa-ip-phone-cmd-inj-KMFynVcP
Cisco Nexus Dashboard	cisco-sa-ip-phone-cmd-inj-KMFynVcP
Cisco 8000 Series Routers	cisco-sa-ip-phone-cmd-inj-KMFynVcP
Cisco Session Initiation Protocol (SIP) Software	cisco-sa-ip-phone-cmd-inj-KMFynVcP
Cisco IP phone	cisco-sa-ip-phone-cmd-inj-KMFynVcP
Cisco IP Phones with Multiplatform Firmware	cisco-sa-ip-phone-cmd-inj-KMFynVcP