Cisco has disclosed a critical server-side request forgery (SSRF) vulnerability in its Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (SME). Tracked as CVE-2026-20230, with publicly available proof-of-concept (PoC) exploit code increasing the risk of...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

Cisco Unified Communications Manager Vulnerability Exposed Along With PoC Exploit Code

VERWANDTEARTIKEL

[High] CVE-2026-50207 – The system Binder boundary accepts unverified pass-through AT commands, giving l...

[Critical] CVE-2026-50208 – High-risk TrustAllCerts routines disable standard TLS certificate validation. Co...

[Critical] CVE-2026-50209 – Broadcast events allow malicious software to rewrite the device's default Mobile...

[Medium] CVE-2026-50210 – The device encrypts data using AES-CBC with static zero-filled Initialization Ve...

[High] CVE-2026-50211 – Leftover engineering diagnostics and factory-level diagnostic software remain ex...

[High] CVE-2026-50212 – Weak validation logic within device dissociation API routines allows a remote en...