Описание
The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) and 4.7.18 allows remote attackers to execute arbitrary commands via a modified request to the LSRoom_Remoting.doCommand function in gateway.php.
Ссылки
- Exploit
- US Government Resource
- Exploit
- Exploit
- Exploit
- US Government Resource
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:h:lifesize:lifesize_room_appliance:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:a:lifesize:lifesize_room_appliance_software:4.7.18:*:*:*:*:*:*:*
cpe:2.3:a:lifesize:lifesize_room_appliance_software:ls_rm1_3.5.3:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.70149
Высокий
7.5 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
больше 3 лет назад
The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) and 4.7.18 allows remote attackers to execute arbitrary commands via a modified request to the LSRoom_Remoting.doCommand function in gateway.php.
EPSS
Процентиль: 99%
0.70149
Высокий
7.5 High
CVSS2
Дефекты
CWE-20