Описание
Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitrary commands as demonstrated by a ; (semicolon) to the ping command feature.
Ссылки
- Mailing ListThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.0.4 (исключая)Версия до 2.7.1.j (исключая)
Одновременно
Одно из
cpe:2.3:a:polycom:hdx_video_end_points:*:*:*:*:*:*:*:*
cpe:2.3:a:polycom:uc_apl:*:*:*:*:*:*:*:*
cpe:2.3:h:polycom:hdx_8000:-:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.56094
Средний
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
почти 4 года назад
Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitrary commands as demonstrated by a ; (semicolon) to the ping command feature.
EPSS
Процентиль: 98%
0.56094
Средний
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-78