CVE-2023-20079 Information

Description

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities see the Details section of this advisory.

Reference

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-cmd-inj-KMFynVcP