CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 0CVE-2021-34710 – Cisco ATA 190 Series Analog Telephone Adapter Software Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-34710
Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en el Software de Cisco ATA 190 Series Analog Telephone Adapter podrían permitir a un atacante llevar a cabo un ataque de inyección de comandos que resultara en una ejecución de código remota o causar una condición de denegación de servicio (DoS) en un dispositivo afectado. Para obtener más información sobre estas vulnerabilidades, consulte la sección Details de este aviso • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-A4J57F3 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-34735 – Cisco ATA 190 Series Analog Telephone Adapter Software Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-34735
Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en el Software de Cisco ATA 190 Series Analog Telephone Adapter podrían permitir a un atacante llevar a cabo un ataque de inyección de comandos resultando en una ejecución de código remota o causar una condición de denegación de servicio (DoS) en un dispositivo afectado. Para obtener más información sobre estas vulnerabilidades, consulte la sección Details de este aviso • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-A4J57F3 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2013-1111
https://notcve.org/view.php?id=CVE-2013-1111
The Cisco ATA 187 Analog Telephone Adaptor with firmware 9.2.1.0 and 9.2.3.1 before ES build 4 does not properly implement access control, which allows remote attackers to execute operating-system commands via vectors involving a session on TCP port 7870, aka Bug ID CSCtz67038. El Cisco ATA 187 Analog Telephone Adaptor con el firmware v9.2.1.0 y v9.2.3.1 antes ES build 4 no aplica correctamente el control de acceso, lo que permite a atacantes remotos ejecutar comandos del sistema operativo a través de vectores relacionados con una sesión en el puerto TCP 7870, ID de error también conocido como CSCtz67038. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130206-ata187 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 12%CPEs: 8EXPL: 0CVE-2005-4794
https://notcve.org/view.php?id=CVE-2005-4794
Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. • http://secunia.com/advisories/15472 http://securitytracker.com/id?1014043 http://securitytracker.com/id?1014044 http://securitytracker.com/id?1014045 http://securitytracker.com/id?1014046 http://securitytracker.com/id? •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 2CVE-2002-0769 – Cisco ATA-186 - HTTP Device Configuration Disclosure
https://notcve.org/view.php?id=CVE-2002-0769
The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters. • https://www.exploit-db.com/exploits/21441 http://archives.neohapsis.com/archives/bugtraq/2002-05/0083.html http://www.cisco.com/warp/public/707/ata186-password-disclosure.shtml http://www.iss.net/security_center/static/9056.php http://www.iss.net/security_center/static/9057.php http://www.securityfocus.com/bid/4711 http://www.securityfocus.com/bid/4712 •