VDB
CVE-2020-3161
CVE-2020-3161
PUBLISHED
KEV
CVSS 9.800000190734863 CRITICAL
A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition.
EPSS 87.09% · 99.5th percentile
Risk Scores
CVSS 3.0
9.800000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
87.09%
99.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | ip_phone_8821_firmware | 11.0\(1\), 11.0\(5\)sr1, * |
| cisco | ip_phone_8861_firmware | 11.0\(1\), 10.3\(1\)es14, 11.0\(5\)sr1 |
| cisco | ip_phone_8845_firmware | 10.3\(1\)es14, *, 11.0\(1\) |
| cisco | ip_phone_8841_firmware | 11.0\(5\)sr1, 11.0\(5\)sr1, 11.0\(1\) |
| cisco | ip_phone_7861_firmware | *, *, 11.0\(1\) |
| cisco | ip_phone_7821_firmware | 11.0\(1\), *, 11.0\(1\) |
| cisco | ip_phone_7811_firmware | 11.0\(1\), *, 11.0\(1\) |
| Cisco | Cisco IP phone | * |
| cisco | ip_phone_8851_firmware | *, 11.0\(1\), 10.3\(1\)es14 |
| cisco | ip_phone_8865_firmware | *, 11.0\(1\), 11.0\(5\)sr1 |
| cisco | 8831_firmware | 11.0\(1\), *, 10.3\(1\)es14 |
| cisco | ip_phone_7841_firmware | 11.0\(1\), 11.0\(1\), * |
| cisco | ip_phone_8811_firmware | *, 11.0\(1\), 11.0\(5\)sr1 |
| cisco | ip_phone_8821-ex_firmware | *, 10.3\(1\)es14, 11.0\(1\) |
Exploit Intelligence
- Cisco IP Phone 11.7 - Denial of Service (PoC) (github-poc)
- Cisco IP Phone 11.7 - Denial of Service (PoC) (github-poc)
- Cisco IP Phone 11.7 - Denial of Service (PoC) (github-poc)
- Cisco IP Phone 11.7 - Denial of Service (PoC) (github-poc)
- Cisco IP Phone 11.7 - Denial of Service (PoC) (github-poc)
- Cisco IP Phone 11.7 - Denial of Service (PoC) (github-poc)
- Cisco IP Phone 11.7 - Denial of Service (PoC) (github-poc)
- http://packetstormsecurity.com/files/157265/Cisco-IP-Phone-11.7-Denial-Of-Service.html (nist-nvd)
- Cisco IP Phone 11.7 - Denial of service (PoC) - Hardware dos Exploit (variot)
- Cisco IP Phone 11.7 - Denial of service (PoC) - Hardware dos Exploit (variot)
…and 28 more exploits
Timeline
- Jan 19, 1970 VulnCheck XDB Entry
- Apr 15, 2020 CVE Published
- Apr 17, 2020 PoC Published
- Apr 18, 2020 PoC Published
- Apr 14, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Oct 28, 2021 PoC Published
- Nov 3, 2021 CISA KEV Added
- Nov 8, 2021 PoC Published
- Nov 20, 2021 PoC Published
- Feb 4, 2022 EPSS Score
References
- 20200415 Cisco IP Phones Web Server Remote Code Execution and Denial of Service Vulnerability vendor-advisory
- http://packetstormsecurity.com/files/157265/Cisco-IP-Phone-11.7-Denial-Of-Service.html url
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-3161 url
- https://nvd.nist.gov/vuln/detail/CVE-2020-3161 advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-capwap-dos-Y2sD9uEw advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-mult-vulns-UNfpdW4E advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-player-Q7Rtgvby advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mob-exp-csrf-b8tFec24 advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-taps-path-trav-pfsFO93r advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-wpa-dos-5ZLs6ESz advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iot-coap-dos-WTBu6YTq advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160609-ipp advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-gas-dos-8FsE3AWH advisory