CVE-2020-3161

Cisco IP Phones Web Server Remote Code Execution and Denial of Service Vulnerability

CVSS 9.8 CRITICAL · EPSS 83.7% · KEV · CWE-20 (Improper Input Validation)
In short

A flaw in the web server of Cisco IP Phones lets an unauthenticated, remote attacker send a crafted HTTP request that either executes code on the phone as root or forces it to reload (denial of service). The root cause is that the web server does not properly validate incoming HTTP requests.

Technical detail

Improper input validation of HTTP requests in the web server of Cisco IP Phones allows an unauthenticated, remote attacker to execute code with root privileges or force a reload of the phone (denial of service) by sending a crafted HTTP request. No credentials and no user interaction are needed; the attacker needs only network reachability to the phone's web interface, which is what the CVSS vector's AV:N/PR:N/UI:N reflects.

Summary generated and translated by AI from the official description.

Official description
A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition.
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
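Because the flaw is pre-authentication, the exposure question for a defender is simply which phones still answer HTTP(S) on the network. The script below is an added example written for this page; it is not code from the advisory, from Cisco, or from TrueHacking. It probes a list of hosts, records whether anything speaks HTTP on the assumed web-interface ports 80 and 443, and flags responses whose body contains the assumed marker text "Cisco IP Phone". The marker, the ports, and the sample responses in SAMPLE_RESPONSES are assumptions and constructed data, not captured device output. It does not send the crafted request and does not exploit anything.

```python
"""Exposure check for CVE-2020-3161 (added example; not Cisco's or the advisory's code).

Lists hosts whose web server is reachable and which of them self-identify as a
Cisco IP phone. Assumptions (not from the advisory): the phone web interface
listens on 80/443 and its pages contain the text "Cisco IP Phone".
"""
import argparse
import re
import ssl
import sys
from urllib.error import HTTPError, URLError
from urllib.request import Request, urlopen

# Assumption: the phone's landing page carries this marker in a title or heading.
PHONE_MARKER = re.compile(rb"Cisco\s+IP\s+Phone", re.IGNORECASE)

# Constructed sample responses (not captured from real devices) so the
# classifier can be exercised offline.
SAMPLE_RESPONSES = {
    "phone-landing-page": (200, {"Server": "example"},
                           b"<html><title>Cisco IP Phone 8841</title></html>"),
    "auth-gated-root": (401, {}, b"Unauthorized"),
    "generic-web-server": (200, {"Server": "nginx"},
                           b"<html><title>Welcome</title></html>"),
}


def fingerprint(status, headers, body):
    """Classify one HTTP response.

    Any HTTP response at all means a web server is listening. Because the
    vulnerability needs no authentication, a 401/403 on "/" still counts as
    exposed: the request handler is reachable even if the page is gated.
    """
    server = headers.get("Server", "") if headers else ""
    return {
        "http_reachable": status is not None,
        "status": status,
        "server_header": server,
        "looks_like_cisco_ip_phone": bool(PHONE_MARKER.search(body or b"")),
    }


def classify_samples():
    """Run the classifier over the constructed samples (offline self-check)."""
    return {name: fingerprint(*resp) for name, resp in SAMPLE_RESPONSES.items()}


def probe(host, port, timeout=3.0):
    """GET / on host:port; return a fingerprint dict, or None if nothing answered."""
    scheme = "https" if port == 443 else "http"
    ctx = None
    if scheme == "https":
        # Phones typically present self-signed certificates; we only want to
        # know whether the server is up, not to trust it.
        ctx = ssl.create_default_context()
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    req = Request(f"{scheme}://{host}:{port}/",
                  headers={"User-Agent": "cve-2020-3161-exposure-check"})
    try:
        with urlopen(req, timeout=timeout, context=ctx) as resp:
            return fingerprint(resp.status, resp.headers, resp.read(65536))
    except HTTPError as e:
        # An error status is still an answer from a listening web server.
        return fingerprint(e.code, e.headers, e.read(65536))
    except (URLError, OSError):
        return None


def scan(hosts, ports=(80, 443), timeout=3.0):
    """Probe every host on every port; return one finding per answering port."""
    findings = []
    for host in hosts:
        for port in ports:
            fp = probe(host, port, timeout)
            if fp is not None:
                fp.update(host=host, port=port)
                findings.append(fp)
    return findings


def main(argv=None):
    ap = argparse.ArgumentParser(description="CVE-2020-3161 web-interface exposure check")
    ap.add_argument("hosts", nargs="+", help="IPs or hostnames of phones you are authorized to test")
    ap.add_argument("--timeout", type=float, default=3.0)
    args = ap.parse_args(argv)
    for f in scan(args.hosts, timeout=args.timeout):
        flag = "CISCO-IP-PHONE" if f["looks_like_cisco_ip_phone"] else "http-listener"
        print(f"{f['host']}:{f['port']} {f['status']} {flag} server={f['server_header']!r}")
    return 0


if __name__ == "__main__":
    sys.exit(main())
```

Run it only against phones you own or are authorized to test. A host reported as an http-listener without the marker may still be a phone whose landing page differs from the assumed text, so treat the marker as a hint and confirm the model and firmware against the vendor advisory rather than relying on the banner alone.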
Affected products
Cisco · Cisco IP phone