Improper Enforcement of Mounted-Filesystem Permissions in Cisco 8800 Phones with Software 11.0(1)

Improper Enforcement of Mounted-Filesystem Permissions in Cisco 8800 Phones with Software 11.0(1)

CVE-2016-1435 · MEDIUM Severity

AV:L/AC:H/AU:N/C:C/I:C/A:C

Cisco 8800 phones with software 11.0(1) do not properly enforce mounted-filesystem permissions, which allows local users to write to arbitrary files by leveraging shell access, aka Bug ID CSCuz03014.

Learn more about our User Device Pen Test.