May 7, 2024

Critical RCE vulnerability in Cisco phone adapters, no update available (CVE-2023-20126)

1 year ago

Cisco has revealed the existence of a critical vulnerability (CVE-2023-20126) in the web-based management interface of Cisco SPA112 2-Port Phone Adapters. The adapters are widely used to integrate analog phones into VoIP networks without the need for an upgrade. About the vulnerability (CVE-2023-20126) CVE-2023-20126 can be exploited without prior authentication. “This vulnerability is due to a missing authentication process within the firmware upgrade function. An attacker could exploit this vulnerability by upgrading an affected device … More

The post Critical RCE vulnerability in Cisco phone adapters, no update available (CVE-2023-20126) appeared first on Help Net Security.

About The Author

See author's posts

More Stories

Smoke Alarm Data Breach

5 days ago admin

How we built the new Find My Device network with user security and privacy in mind

2 weeks ago admin

Prevent Generative AI Data Leaks with Chrome Enterprise DLP

2 weeks ago admin