Every CVE whose affected-product data names Cisco Spa300 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2017-12271 — CVSS 8.8 (high): A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on…
CVE-2016-1469 — CVSS 7.5 (high): The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service (device outage) via a…
CVE-2015-6403 — CVSS 7.2 (high): The TFTP implementation on Cisco Small Business SPA30x, SPA50x, SPA51x phones 7.5.7 improperly validates firmware-image file integrity…
CVE-2015-0670 — CVSS 6.4 (medium): The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which…