Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapters (ATAs) could allow an authenticated, adjacent attacker to execute arbitrary code with elevated privileges. The vulnerabilities are due to improper validation of user-supplied input to the web-based management interface. An attacker could exploit these vulnerabilities by authenticating to the web-based management interface and sending crafted requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code with elevated privileges. Note: The web-based management interface is enabled by default.
History

Wed, 20 Nov 2024 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2019-10-16T18:36:36.053463Z

Updated: 2024-11-20T17:05:38.207Z

Reserved: 2019-08-20T00:00:00

Link: CVE-2019-15250

cve-icon Vulnrichment

Updated: 2024-08-05T00:42:00.534Z

cve-icon NVD

Status : Modified

Published: 2019-10-16T19:15:13.237

Modified: 2024-11-21T04:28:17.670

Link: CVE-2019-15250

cve-icon Redhat

No data.