exploitDog

CVE-2023-24282

Опубликовано: 08 мар. 2023

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 allows attackers to execute arbitrary code via a crafted ringtone file.

Ссылки

http://polycom.com
Product
https://www.cryptnetix.com/blog/2023/01/19/Polycom-Trio-Vulnerability-Disclosure.html
Exploit
Third Party Advisory
http://polycom.com
Product
https://www.cryptnetix.com/blog/2023/01/19/Polycom-Trio-Vulnerability-Disclosure.html
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:poly:trio_8800_firmware:7.2.2.1094:*:*:*:*:*:*:*

cpe:2.3:h:poly:trio_8800:-:*:*:*:*:*:*:*

EPSS

Процентиль: 46%

0.00234

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-3xq2-5f28-3fjr

CVSS3: 5.4

github

почти 3 года назад

An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 allows attackers to execute arbitrary code via a crafted ringtone file.

EPSS

Процентиль: 46%

0.00234

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79