CVE-2016-1421

Name of the Vulnerable Software and Affected Versions Cisco IP Phones (affected versions not specified)

Description A vulnerability in the web application could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected device, resulting in a denial of service (DoS) condition. The issue exists because the affected software fails to check the bounds of input data. An attacker could exploit this by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected device, resulting in a DoS condition.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.