Cisco IP Phones could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation by the web server. By sending specially-crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary code with root privileges or cause a reload on the system.
Cisco IP Phone 7861
Cisco IP Phone 8851
Cisco IP Phone 8861
Cisco IP Phone 8865
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.