CVE-2019-15258

Name of the Vulnerable Software and Affected Versions Cisco SPA100 Series (affected versions not specified)

Description The issue is related to errors in checking user requests to the web-based management interface. It could allow a remote attacker to cause a denial of service condition on an affected device. The problem is due to improper validation of user-supplied requests to the web-based management interface. An attacker could exploit this by sending a crafted request to the interface, potentially causing the device to stop responding and requiring manual intervention for recovery.

Recommendations For Cisco SPA100 Series, consider restricting access to the web-based management interface until a fix is available. As a temporary workaround, manually monitor the device for any signs of denial of service and be prepared for manual intervention if necessary. Avoid using the web-based management interface for critical operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.