Arbitrary File Download Vulnerability in Cisco 9900 IP Phones
CVE-2013-3426

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Ip Phones 9900 Series Firmware; Unified Ip Phone 9951; Unified Ip Phone 9971
Vendor: CVE Published:; 18 July 2013

What is CVE-2013-3426?

The Serviceability servlet on Cisco 9900 IP phones contains a vulnerability that permits remote attackers to access arbitrary files by manipulating file request paths. This flaw can lead to unauthorized disclosure of sensitive information, as the servlet fails to properly validate user inputs, enabling unauthorized access to files on the device.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 18, 2013

JSON

Cisco

What is CVE-2013-3426?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.