CVE-2020-3161 - OpenCVE

A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Ip Phone 8865 Ip Phone 8811 Firmware Ip Phone 8845 Firmware Ip Phone 7821 Firmware Ip Phone 8851 Firmware Ip Phone 8861 Firmware Ip Phone 7821 8831 Ip Phone 8841 8831 Firmware Ip Phone 7841 Ip Phone 8851 Ip Phone 7861 Ip Phone 7811 Ip Phone 7841 Firmware Ip Phone 8821-ex Ip Phone 8845 Ip Phone 8821-ex Firmware Ip Phone 8861 Ip Phone 8821 Ip Phone 8821 Firmware Ip Phone 8841 Firmware Ip Phone 7811 Firmware Ip Phone 8865 Firmware Ip Phone 7861 Firmware Ip Phone 8811

Configuration 1 [-]

AND

OR	cpe:2.3:o:cisco:ip_phone_8865_firmware:10.3\(1\)es14:::::::*
	cpe:2.3:o:cisco:ip_phone_8865_firmware:11.0\(1\):::::::*
	cpe:2.3:o:cisco:ip_phone_8865_firmware:11.0\(5\)sr1:::::::*

cpe:2.3:h:cisco:ip_phone_8865:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:cisco:ip_phone_8851_firmware:10.3\(1\)es14:::::::*
	cpe:2.3:o:cisco:ip_phone_8851_firmware:11.0\(1\):::::::*
	cpe:2.3:o:cisco:ip_phone_8851_firmware:11.0\(5\)sr1:::::::*

cpe:2.3:h:cisco:ip_phone_8851:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:cisco:ip_phone_7841_firmware:11.0\(1\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_7841:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:cisco:ip_phone_7821_firmware:11.0\(1\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_7821:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

OR	cpe:2.3:o:cisco:ip_phone_8811_firmware:10.3\(1\)es14:::::::*
	cpe:2.3:o:cisco:ip_phone_8811_firmware:11.0\(1\):::::::*
	cpe:2.3:o:cisco:ip_phone_8811_firmware:11.0\(5\)sr1:::::::*

cpe:2.3:h:cisco:ip_phone_8811:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

OR	cpe:2.3:o:cisco:ip_phone_8861_firmware:10.3\(1\)es14:::::::*
	cpe:2.3:o:cisco:ip_phone_8861_firmware:11.0\(1\):::::::*
	cpe:2.3:o:cisco:ip_phone_8861_firmware:11.0\(5\)sr1:::::::*

cpe:2.3:h:cisco:ip_phone_8861:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

OR	cpe:2.3:o:cisco:ip_phone_8845_firmware:10.3\(1\)es14:::::::*
	cpe:2.3:o:cisco:ip_phone_8845_firmware:11.0\(1\):::::::*
	cpe:2.3:o:cisco:ip_phone_8845_firmware:11.0\(5\)sr1:::::::*

cpe:2.3:h:cisco:ip_phone_8845:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:cisco:ip_phone_7861_firmware:11.0\(1\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_7861:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

OR	cpe:2.3:o:cisco:ip_phone_8841_firmware:10.3\(1\)es14:::::::*
	cpe:2.3:o:cisco:ip_phone_8841_firmware:11.0\(1\):::::::*
	cpe:2.3:o:cisco:ip_phone_8841_firmware:11.0\(5\)sr1:::::::*

cpe:2.3:h:cisco:ip_phone_8841:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:cisco:ip_phone_7811_firmware:11.0\(1\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:ip_phone_7811:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

OR	cpe:2.3:o:cisco:ip_phone_8821_firmware:10.3\(1\)es14:::::::*
	cpe:2.3:o:cisco:ip_phone_8821_firmware:11.0\(1\):::::::*
	cpe:2.3:o:cisco:ip_phone_8821_firmware:11.0\(5\)sr1:::::::*

cpe:2.3:h:cisco:ip_phone_8821:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

OR	cpe:2.3:o:cisco:ip_phone_8821-ex_firmware:10.3\(1\)es14:::::::*
	cpe:2.3:o:cisco:ip_phone_8821-ex_firmware:11.0\(1\):::::::*
	cpe:2.3:o:cisco:ip_phone_8821-ex_firmware:11.0\(5\)sr1:::::::*

cpe:2.3:h:cisco:ip_phone_8821-ex:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

OR	cpe:2.3:o:cisco:8831_firmware:10.3\(1\)es14:::::::*
	cpe:2.3:o:cisco:8831_firmware:11.0\(1\):::::::*
	cpe:2.3:o:cisco:8831_firmware:11.0\(5\)sr1:::::::*

cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*

References

Link	Resource
http://packetstormsecurity.com/files/157265/Cisco-IP-Phone-11.7-Denial-Of-Service.html	Exploit Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phones-rce-dos-rB6EeRXs	Vendor Advisory