Vulnerability Details CVE-2020-3161
A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.822
EPSS Ranking 99.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
Proposed Action
Cisco IP Phones contain an improper input validation vulnerability for HTTP requests. Exploitation could allow an attacker to execute code remotely with root privileges or cause a denial-of-service (DoS) condition.
Ransomware Campaign
Unknown
Products affected by CVE-2020-3161
- cpe:2.3:h:cisco:ip_phone_7811:-
- cpe:2.3:h:cisco:ip_phone_7821:-
- cpe:2.3:h:cisco:ip_phone_7841:-
- cpe:2.3:h:cisco:ip_phone_7861:-
- cpe:2.3:h:cisco:ip_phone_8811:-
- cpe:2.3:h:cisco:ip_phone_8821-ex:-
- cpe:2.3:h:cisco:ip_phone_8821:-
- cpe:2.3:h:cisco:ip_phone_8841:-
- cpe:2.3:h:cisco:ip_phone_8845:-
- cpe:2.3:h:cisco:ip_phone_8851:-
- cpe:2.3:h:cisco:ip_phone_8861:-
- cpe:2.3:h:cisco:ip_phone_8865:-
- cpe:2.3:o:cisco:8831_firmware:10.3(1)es14
- cpe:2.3:o:cisco:8831_firmware:11.0(1)
- cpe:2.3:o:cisco:8831_firmware:11.0(5)sr1
- cpe:2.3:o:cisco:ip_phone_7811_firmware:11.0(1)
- cpe:2.3:o:cisco:ip_phone_7821_firmware:11.0(1)
- cpe:2.3:o:cisco:ip_phone_7841_firmware:11.0(1)
- cpe:2.3:o:cisco:ip_phone_7861_firmware:11.0(1)
- cpe:2.3:o:cisco:ip_phone_8811_firmware:10.3(1)es14
- cpe:2.3:o:cisco:ip_phone_8811_firmware:11.0(1)
- cpe:2.3:o:cisco:ip_phone_8811_firmware:11.0(5)sr1
- cpe:2.3:o:cisco:ip_phone_8821-ex_firmware:10.3(1)es14
- cpe:2.3:o:cisco:ip_phone_8821-ex_firmware:11.0(1)
- cpe:2.3:o:cisco:ip_phone_8821-ex_firmware:11.0(5)sr1
- cpe:2.3:o:cisco:ip_phone_8821_firmware:10.3(1)es14
- cpe:2.3:o:cisco:ip_phone_8821_firmware:11.0(1)
- cpe:2.3:o:cisco:ip_phone_8821_firmware:11.0(5)sr1
- cpe:2.3:o:cisco:ip_phone_8841_firmware:10.3(1)es14
- cpe:2.3:o:cisco:ip_phone_8841_firmware:11.0(1)
- cpe:2.3:o:cisco:ip_phone_8841_firmware:11.0(5)sr1
- cpe:2.3:o:cisco:ip_phone_8845_firmware:10.3(1)es14
- cpe:2.3:o:cisco:ip_phone_8845_firmware:11.0(1)
- cpe:2.3:o:cisco:ip_phone_8845_firmware:11.0(5)sr1
- cpe:2.3:o:cisco:ip_phone_8851_firmware:10.3(1)es14
- cpe:2.3:o:cisco:ip_phone_8851_firmware:11.0(1)
- cpe:2.3:o:cisco:ip_phone_8851_firmware:11.0(5)sr1
- cpe:2.3:o:cisco:ip_phone_8861_firmware:10.3(1)es14
- cpe:2.3:o:cisco:ip_phone_8861_firmware:11.0(1)
- cpe:2.3:o:cisco:ip_phone_8861_firmware:11.0(5)sr1
- cpe:2.3:o:cisco:ip_phone_8865_firmware:10.3(1)es14
- cpe:2.3:o:cisco:ip_phone_8865_firmware:11.0(1)
- cpe:2.3:o:cisco:ip_phone_8865_firmware:11.0(5)sr1