CNNVD-202509-254 Information

CNNVD ID

CNNVD-202509-254

Related CVE

CVE-2025-20335

• CNNVD Published: 2025-09-03

Description (Chinese)

Cisco IP Phone 8800 Series等都是美国思科（Cisco）公司的产品。Cisco IP Phone 8800 Series是一款8800系列的IP电话。Cisco IP Phone 7800 Series是一款7800系列IP电话。Cisco Desk Phone 9800 Series是一系列IP电话。 Cisco多款产品存在访问控制错误漏洞，该漏洞源于目录权限控制不当，可能导致任意文件写入。以下产品受到影响：Cisco Desk Phone 9800 Series、Cisco IP Phone 7800和8800 Series和Cisco Video Phone 8875。

Description (English)

Cisco IP Phone 8800 Series and others are all Cisco products. Cisco IP Phone 8800 Serieses are an IP number of 8,800 series. Cisco IP Phone 7800 Series Series IP calls. Cisco Desk Phone 9800 Series is a series of IP calls. There was an error in access control for more than one of Cisco ’ s products, which stemmed from inadequate control of directory rights, which could lead to the writing of any document. The following products were affected: Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series and Cisco Vidio Phone 8875.

Hazard Level

High

Vulnerability Type

访问控制错误

Affected Vendor

Citadel

Published

2025-09-03

Last Modified

2026-02-24

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-write-g3kcC5Df https://vigilance.fr/vulnerability/Cisco-IP-Phone-7800-8800-read-write-access-via-SIP-Software-48127

Patch

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-write-g3kcC5Df