Shodan
Vulnerabilities
Vulnerable Software
Cisco:  >> Skinny Client Control Protocol Software  >> 3.0  Security Vulnerabilities
CVE-2012-5445
The kernel in Cisco Native Unix (CNU) on Cisco Unified IP Phone 7900 series devices (aka TNP phones) with software before 9.3.1-ES10 does not properly validate unspecified system calls, which allows attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a crafted binary.
CVSS Score
6.8
EPSS Score
0.004
Published
2012-12-28
CVE-2011-1602
The su utility on Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.0.3 allows local users to gain privileges via unspecified vectors, aka Bug ID CSCtf07426.
CVSS Score
6.6
EPSS Score
0.001
Published
2011-06-02
CVE-2011-1603
Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.2.1 allow local users to gain privileges via unspecified vectors, aka Bug ID CSCtn65815.
CVSS Score
6.6
EPSS Score
0.001
Published
2011-06-02
CVE-2011-1637
Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.2.1 do not properly verify signatures for software images, which allows local users to gain privileges via a crafted image, aka Bug ID CSCtn65962.
CVSS Score
1.5
EPSS Score
0.001
Published
2011-06-02
CVE-2002-0880
Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allow remote attackers to cause a denial of service (crash) via malformed packets as demonstrated by (1) "jolt", (2) "jolt2", (3) "raped", (4) "hping2", (5) "bloop", (6) "bubonic", (7) "mutant", (8) "trash", and (9) "trash2."
CVSS Score
5.0
EPSS Score
0.007
Published
2002-10-04
CVE-2002-0881
Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings.
CVSS Score
2.1
EPSS Score
0.001
Published
2002-10-04
CVE-2002-0882
The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allows remote attackers to cause a denial of service (reset) and possibly read sensitive memory via a large integer value in (1) the stream ID of the StreamingStatistics script, or (2) the port ID of the PortInformation script.
CVSS Score
6.4
EPSS Score
0.011
Published
2002-10-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved