Remote Access Vulnerability in Cisco Unified IP Phones
CVE-2007-1063

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Ip Phone Firmware 7906g
Vendor: CVE Published:; 22 February 2007

Summary

A vulnerability exists in the SSH server of Cisco Unified IP Phones where hard-coded username and password settings allow remote attackers to gain unauthorized access to the device. This security flaw affects models including the 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G with firmware versions 8.0(4)SR1 and earlier. Attackers exploiting this flaw can manipulate settings or access sensitive information, posing significant risks to network security.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/32627

vdb-entryx_refsource_XF

http://www.cisco.com/warp/public/707/cisco-air-20070221-p...

vendor-advisoryx_refsource_CISCO

http://www.cisco.com/warp/public/707/cisco-sa-20070221-ph...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Feb 22, 2007
Vulnerability Reserved
Feb 21, 2007