CVE-2018-7565

CSRF exists on Polycom QDX 6000 devices...

CVE-2018-7564

Stored XSS exists on Polycom QDX 6000 devices...

Polycom HDX Endpoint Remote Code Execution Vulnerability

Polycom HDX is a high definition series of network cameras. A remote code execution vulnerability exists in the Polycom HDX endpoint. An attacker can exploit the vulnerability to execute arbitrary code within the context of an application. A failed exploit attack could result in a denial of servi...

Polycom HDX Default Credentials (Telnet)

The Polycom device has default telnet credentials or passwordless login. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Polycom Shell HDX Series - Traceroute Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Polycom Shell HDX Series Traceroute Command Execution', 'Description' = %q Within Polycom command shell, a command execution flaw exists in lan...

Polycom HDX Series RCE

When doing external assessments you spend a decent amount of time footprinting your target and finding possible avenues of attack. Given a large corporate, you are pretty likely to hit video conferencing end-points. This post details a vulnerability in one of these video conferencing systems, the...

Polycom Shell HDX Series Traceroute Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Polycom Shell HDX Series Traceroute Command Execution', 'Description' = %q Within Polycom command shell, a command execution flaw exists in lan...

Polycom Shell HDX Series Traceroute Command Execution Exploit

Within Polycom command shell, a command execution flaw exists in lan traceroute, one of the dev commands, which allows for an attacker to execute arbitrary payloads with telnet or openssl. This module requires Metasploit: https://metasploit.com/download Current source:...

Polycom Shell HDX Series Traceroute Command Execution

Within Polycom command shell, a command execution flaw exists in lan traceroute, one of the dev commands, which allows for an attacker to execute arbitrary payloads with telnet or openssl. This module requires Metasploit: https://metasploit.com/download Current source:...

Polycom - Command Shell Authorization Bypass (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Polycom Command Shell Authorization Bypass', 'Alias' = 'polycomhdxauthbypass', 'Author' = 'Paul Haas ', module 'h00die ', submission/cleanup ,...

Polycom Command Shell Authorization Bypass Exploit

The login component of the Polycom Command Shell on Polycom HDX video endpoints, running software versions 3.0.5 and earlier, is vulnerable to an authorization bypass when simultaneous connections are made to the service, allowing remote network attackers to gain access to a sandboxed telnet prom...

Polycom Command Shell Authorization Bypass

The login component of the Polycom Command Shell on Polycom HDX video endpoints, running software versions 3.0.5 and earlier, is vulnerable to an authorization bypass when simultaneous connections are made to the service, allowing remote network attackers to gain access to a sandboxed telnet prom...

Polycom Command Shell Authorization Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Polycom Command Shell Authorization Bypass', 'Alias' = 'polycomhdxauthbypass', 'Author' = 'Paul Haas ', module 'h00die ', submission/cleanup ,...

Code injection

Polycom RealPresence Resource Manager aka RPRM before 8.4 allows local users to have unspecified impact via vectors related to weak passwords...

CVE-2015-4682

Polycom RealPresence Resource Manager aka RPRM before 8.4 allows remote authenticated users to obtain the installation path via an HTTP POST request to PlcmRmWeb/JConfigManager...

Path traversal

Polycom RealPresence Resource Manager aka RPRM before 8.4 allows remote authenticated users to obtain the installation path via an HTTP POST request to PlcmRmWeb/JConfigManager...

CVE-2015-4681

Polycom RealPresence Resource Manager aka RPRM before 8.4 allows local users to have unspecified impact via vectors related to weak passwords...

Directory traversal

Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager aka RPRM before 8.4 allow 1 remote authenticated users to read arbitrary files via a .. dot dot in the Modifier parameter to PlcmRmWeb/FileDownload; or remote authenticated administrators to upload arbitrary fil...

CVE-2015-4684

Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager aka RPRM before 8.4 allow 1 remote authenticated users to read arbitrary files via a .. dot dot in the Modifier parameter to PlcmRmWeb/FileDownload; or remote authenticated administrators to upload arbitrary fil...

CVE-2015-4685

Polycom RealPresence Resource Manager aka RPRM before 8.4 allows local users with access to the plcm account to gain privileges via a script in /var/polycom/cma/upgrade/scripts, related to a sudo misconfiguration...