10 matches found
EUVD-2025-21033
Malicious code in bioql PyPI...
CVE-2025-34093
An authenticated command injection vulnerability exists in the Polycom HDX Series command shell interface accessible over Telnet. The lan traceroute command in the devcmds console accepts unsanitized input, allowing attackers to execute arbitrary system commands. By injecting shell metacharacters...
CVE-2025-34093
An authenticated command injection vulnerability exists in the Polycom HDX Series command shell interface accessible over Telnet. The lan traceroute command in the devcmds console accepts unsanitized input, allowing attackers to execute arbitrary system commands. By injecting shell metacharacters...
CVE-2025-34093
Polycom HDX Series devices vulnerable to an authenticated command injection via the Telnet-based devcmds console. The lan traceroute command accepts unsanitized input, enabling arbitrary command execution as root. This is evidenced by references to a PoC/Metasploit module (polycom_hdx_traceroute_...
CVE-2025-34093 Polycom HDX Series Telnet Command Injection via lan traceroute
An authenticated command injection vulnerability exists in the Polycom HDX Series command shell interface accessible over Telnet. The lan traceroute command in the devcmds console accepts unsanitized input, allowing attackers to execute arbitrary system commands. By injecting shell metacharacters...
PT-2025-29136 · Polycom · Polycom Hdx Series
Name of the Vulnerable Software and Affected Versions: Polycom HDX Series affected versions not specified Description: An authenticated command injection vulnerability exists in the Polycom HDX Series command shell interface accessible over Telnet. The lan traceroute command in the devcmds consol...
Polycom HDX Series 操作系统命令注入漏洞
The Polycom HDX Series is a series of high-definition video conferencing systems from Polycom, Inc. The Polycom HDX Series suffers from an operating system command injection vulnerability that stems from a command injection issue in the devcmds console that could lead to remote code execution...
n.runs-SA-2013.001 - Polycom - Command Shell Grants System-Level Access
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2013.001 15-Mar-2013 Vendor: Polycom, http://www.polycom.com Affected Products: Polycom HDX Series Affected Version: 3.1.1.2 Vulnerability: Polycom Command Shell Grants System-Level Access Risk: LOW Overview: The Polycom Command Shell ...
Polycom H.323 CDR Database SQL Injection
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2013.003 15-Mar-2013 Vendor: Polycom, http://www.polycom.com Affected Products: Polycom HDX Series Affected Version: 3.1.1.2 Vulnerability: Polycom H.323 CDR Database SQL Injection Risk: HIGH Overview: For every received H.323 SETUP...
Polycom Firmware Update Command Injection
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2013.002 15-Mar-2013 Vendor: Polycom, http://www.polycom.com Affected Products: Polycom HDX Series Affected Version: 3.1.1.2 Vulnerability: Polycom Firmware Update Command Injection Risk: MEDIUM Overview: Polycom HDX systems can be...