all InfoSec news
Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack
March 2, 2023, 4:17 a.m. | info@thehackernews.com (The Hacker News)
The Hacker News thehackernews.com
The vulnerability, tracked as CVE-2023-20078, is rated 9.8 out of 10 on the CVSS scoring system and is described as a command injection bug in the web-based management interface arising due to insufficient validation of user-supplied input.
Successful
address attack bug cisco cisco ip phone command command injection critical critical flaw cve cvss flaw injection input ip phone management phone products security security updates series system the web updates validation vulnerability web
More from thehackernews.com / The Hacker News
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Cloud Security Analyst
@ Cloud Peritus | Bengaluru, India
Cyber Program Manager - CISO- United States – Remote
@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
Network Security Engineer (AEGIS)
@ Peraton | Virginia Beach, VA, United States
SC2022-002065 Cyber Security Incident Responder (NS) - MON 13 May
@ EMW, Inc. | Mons, Wallonia, Belgium
Information Systems Security Engineer
@ Booz Allen Hamilton | USA, GA, Warner Robins (300 Park Pl Dr)