Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2020-3161

A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition.

  • Published: Apr 15, 2020
  • Updated: Apr 14, 2023
  • CVE: CVE-2020-3161
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
cisco / ip_phone_8865_firmware 10.3(1)es14 10.3(1)es14.x
cisco / ip_phone_8865_firmware 11.0(1) 11.0(1).x
cisco / ip_phone_8865_firmware 11.0(5)sr1 11.0(5)sr1.x
cisco / ip_phone_8851_firmware 10.3(1)es14 10.3(1)es14.x
cisco / ip_phone_8851_firmware 11.0(1) 11.0(1).x
cisco / ip_phone_8851_firmware 11.0(5)sr1 11.0(5)sr1.x
cisco / ip_phone_7841_firmware 11.0(1) 11.0(1).x
cisco / ip_phone_7821_firmware 11.0(1) 11.0(1).x
cisco / ip_phone_8811_firmware 10.3(1)es14 10.3(1)es14.x
cisco / ip_phone_8811_firmware 11.0(1) 11.0(1).x
cisco / ip_phone_8811_firmware 11.0(5)sr1 11.0(5)sr1.x
cisco / ip_phone_8861_firmware 10.3(1)es14 10.3(1)es14.x
cisco / ip_phone_8861_firmware 11.0(1) 11.0(1).x
cisco / ip_phone_8861_firmware 11.0(5)sr1 11.0(5)sr1.x
cisco / ip_phone_8845_firmware 10.3(1)es14 10.3(1)es14.x
cisco / ip_phone_8845_firmware 11.0(1) 11.0(1).x
cisco / ip_phone_8845_firmware 11.0(5)sr1 11.0(5)sr1.x
cisco / ip_phone_7861_firmware 11.0(1) 11.0(1).x
cisco / ip_phone_8841_firmware 10.3(1)es14 10.3(1)es14.x
cisco / ip_phone_8841_firmware 11.0(1) 11.0(1).x
cisco / ip_phone_8841_firmware 11.0(5)sr1 11.0(5)sr1.x
cisco / ip_phone_7811_firmware 11.0(1) 11.0(1).x
cisco / ip_phone_8821_firmware 10.3(1)es14 10.3(1)es14.x
cisco / ip_phone_8821_firmware 11.0(1) 11.0(1).x
cisco / ip_phone_8821_firmware 11.0(5)sr1 11.0(5)sr1.x
cisco / ip_phone_8821-ex_firmware 10.3(1)es14 10.3(1)es14.x
cisco / ip_phone_8821-ex_firmware 11.0(1) 11.0(1).x
cisco / ip_phone_8821-ex_firmware 11.0(5)sr1 11.0(5)sr1.x
cisco / 8831_firmware 10.3(1)es14 10.3(1)es14.x
cisco / 8831_firmware 11.0(1) 11.0(1).x
cisco / 8831_firmware 11.0(5)sr1 11.0(5)sr1.x