CVE-2020-3161
Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability
CVSS
—
Sin CVSS
EPSS
83.7%
p100
KEV
SÍ
3 nov 2021
Exploit Today
80
0-100
Publicado: — · Última mod.: —
Producto
Cisco / Cisco IP Phones
Vulnerabilidad
Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability
Añadido a KEV
3 nov 2021
Remediar antes de
3 may 2022
Uso conocido en ransomware
No
Descripción resumida
Cisco IP Phones contain an improper input validation vulnerability for HTTP requests. Exploitation could allow an attacker to execute code remotely with root privileges or cause a denial-of-service (DoS) condition.
Acción requerida
Apply updates per vendor instructions.
Notas
https://nvd.nist.gov/vuln/detail/CVE-2020-3161
Sin CVEs relacionados por CWE o producto.