CVE-2020-3161: Cisco IP Phones Web Server Remote Code Execution and
Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability. Cisco IP Phones contain an improper input validation vulnerability for HTTP requests. Exploitation could allow an attacker to execute code remotely with root privileges or cause a denial-of-service (DoS) condition.
- CISA KEV-listed (remediation due 2022-05-03)
- EPSS 87.1% (99.5% percentile)