CVE-2015-0604

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Ip Phones 9971 Firmware
Vendor: CVE Published:; 7 February 2015

Summary

The web framework on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to upload files to arbitrary locations on a phone's filesystem via crafted HTTP requests, aka Bug ID CSCup90424.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/100620

vdb-entryx_refsource_XF

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://secunia.com/advisories/62761

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Feb 7, 2015
Vulnerability Reserved
Jan 7, 2015