CVE-2023-20218

Name of the Vulnerable Software and Affected Versions Cisco SPA500 Series Analog Telephone Adapters (ATAs) (affected versions not specified)

Description A vulnerability in the web-based management interface could allow an authenticated, remote attacker to modify a web page in the context of a user's browser. This issue is due to insufficient validation of user-supplied input. An attacker could exploit this by persuading a user to click a crafted link, potentially altering web page contents to redirect users to malicious websites or conducting further client-side attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.