{"uuid": "71f4f1ef-6c24-44f9-8f14-13b0613633ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-20078", "type": "seen", "source": "https://t.me/KomunitiSiber/9", "content": "Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack\nhttps://thehackernews.com/2023/03/critical-flaw-in-cisco-ip-phone-series.html\n\nCisco on Wednesday rolled out\u00a0security updates\u00a0to address a critical flaw impacting its IP Phone 6800, 7800, 7900, and 8800 Series products.\nThe vulnerability, tracked as CVE-2023-20078, is rated 9.8 out of 10 on the CVSS scoring system and is described as a command injection bug in the web-based management interface arising due to insufficient validation of user-supplied input.\nSuccessful", "creation_timestamp": "2023-03-02T09:54:44.000000Z"}