Code injection

An issue was found in Genesys CIC Polycom phone provisioning TFTP Server all version allows a remote attacker to execute arbitrary code via the login crednetials to the TFTP server configuration page...

Genesys CIC Polycom phone provisioning TFTP Server 代码问题漏洞

The Genesys CIC Polycom phone provisioning TFTP Server is a server from Genesys Corporation, USA. A security vulnerability exists in the Genesys CIC Polycom phone provisioning TFTP Server that originates from a vulnerability that could allow a remote attacker to execute arbitrary code via login...

CVE-2023-29930

An issue was found in Genesys CIC Polycom phone provisioning TFTP Server all version allows a remote attacker to execute arbitrary code via the login crednetials to the TFTP server configuration page...

PT-2023-22483 · Genesys · Genesys Cic Polycom Phone Provisioning Tftp Server

Name of the Vulnerable Software and Affected Versions: Genesys CIC Polycom phone provisioning TFTP Server affected versions not specified Description: An issue was found that allows a remote attacker to execute arbitrary code via the login credentials to the TFTP server configuration page...

CVE-2023-29930

Genesys CIC Polycom phone provisioning TFTP Server is affected (all versions) per CVE-2023-29930. The vulnerability allegedly allows remote code execution through login credentials to the TFTP server configuration page. The Connected documents corroborate the issue description but do not provide ...

CVE-2023-29930

An issue was found in Genesys CIC Polycom phone provisioning TFTP Server all version allows a remote attacker to execute arbitrary code via the login crednetials to the TFTP server configuration page...

8x8: Open Redirect - Polycom Company Directory

Vulnerability description not provided...

Polycom RealPresence Resource Manager 安全漏洞

Polycom RealPresence Resource Manager is a device management software from Polycom USA. It provides centralized management of all your support devices, from mobile devices to desktops and conference phones, through video conference room systems and telepresence. A security vulnerability exists in...

Polycom Trio Remote Code Execution Vulnerability

The Polycom Trio is a Trio series of business conference phones from Polycom USA. A remote code execution vulnerability exists in Polycom Trio, which can be exploited by an attacker to execute commands via unspecified vectors...

Polycom Trio 安全漏洞

The Polycom Trio is a Trio series of business conference phones from Polycom USA. A remote code execution vulnerability exists in Polycom Trio, which can be exploited by an attacker to execute commands via unspecified vectors...

CVE-2021-41322

Poly VVX 400/410 5.3.1 allows low-privileged users to change the Admin password by modifying a POST parameter to 120 during the password reset process...

Polycom Vvx 400/410 安全漏洞

The Polycom Vvx 400/410 is a color, mid-range business media phone from Poly, Inc. A security vulnerability exists in the Polycom Vvx 400/410 through 5.3.1 that allows a low-privileged user to change the administrator password by changing the POST parameter to 120 during the password reset proces...

CVE-2021-37145

A command-injection vulnerability in an authenticated Telnet connection in Poly formerly Polycom CX5500 and CX5100 1.3.5 leads an attacker to Privilege Escalation and Remote Code Execution capability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

Weak Password Vulnerability in Polycom Device Management System

Founded in 1990, Polycom China is a global integrated collaborative communications company. It is a leading provider of high-quality audio and video conferencing systems and solutions. A weak password vulnerability exists in the Polycom device management system, which can be exploited by an...

CVE-2019-11355

An issue was discovered in Poly formerly Polycom HDX 3.1.13. A feature exists that allows the creation of a server / client certificate, or the upload of the user certificate, on the administrator's page. The value received from the user is the factor value of a shell script on the equipment. By...

Command injection

An issue was discovered in Poly formerly Polycom HDX 3.1.13. A feature exists that allows the creation of a server / client certificate, or the upload of the user certificate, on the administrator's page. The value received from the user is the factor value of a shell script on the equipment. By...

CVE-2019-11355

Affected software: Polycom HDX 3.1.13. Vulnerability: command injection via a crafted CSR field on the administrator page, where the user-provided value is treated as a shell-script factor value; inserting characters (e.g., a single quote) can cause arbitrary system commands to be executed. Root ...

CVE-2019-11355

An issue was discovered in Poly formerly Polycom HDX 3.1.13. A feature exists that allows the creation of a server / client certificate, or the upload of the user certificate, on the administrator's page. The value received from the user is the factor value of a shell script on the equipment. By...

CVE-2012-6611

An issue was discovered in Polycom Web Management Interface G3/HDX 8000 HD with Durango 2.6.0 4740 software and embedded Polycom Linux Development Platform 2.14.g3. It has a blank administrative password by default, and can be successfully used without setting this password...

Default credentials

An issue was discovered in Polycom Web Management Interface G3/HDX 8000 HD with Durango 2.6.0 4740 software and embedded Polycom Linux Development Platform 2.14.g3. It has a blank administrative password by default, and can be successfully used without setting this password...