CVE-2012-6610

2020-01-2816:28:44

mitre

www.cve.org

AI Score

Confidence

High

EPSS

0.002

Percentile

60.4%

JSON

Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitrary commands as demonstrated by a ; (semicolon) to the ping command feature.

References

seclists.org/fulldisclosure/2012/Mar/18

web.archive.org/web/20130317232013/blog.tempest.com.br/joao-paulo-campello/polycom-web-management-interface-os-command-injection.html