Cisco has disclosed two high-severity vulnerabilities affecting its IP phones, with one causing remote code execution (RCE) and the other enabling denial-of-service (DoS) attacks. Both vulnerabilities stem from insufficient validation of user-supplied input and can be exploited using malicious requests sent to the targeted device’s web-based management interface.
Get through updates and upcoming events, and more directly in your inbox