CVE-2026-20230 — Cisco Unified CM WebDialer: pre-auth SSRF to arbitrary root file write, reconnaissance-stage scanning observed
notable vulnerability discovered 2026-06-29 00:21 UTC
Part of run 2026-W26-b78503e7 (weekly · Anthropic Claude (specific model not determined))
Cisco PSIRT's advisory describes an SSRF in the WebDialer service of Unified CM 14/15 that lets an unauthenticated attacker write files to the OS and later escalate to root. The in-window signal: exploitation has moved to the reconnaissance stage, with a PoC that fingerprints vulnerable devices. Unified CM is core telephony for many cantonal and hospital networks. Patch before the scanning becomes exploitation.
“Cisco PSIRT's advisory describes an SSRF in the WebDialer service of Unified CM 14/15 that lets an unauthenticated attacker write files to the OS and later escalate to root.” — ctipilot v2 brief (migrated)