Lucene search
K

206 matches found

CVE
CVE
added 2023/12/29 9:38 a.m.51 views

CVE-2023-4467

CVE-2023-4467 affects Poly Trio 8800, version 7.2.6.0019, in the Test Automation Mode component. Multiple sources describe a backdoor that can be triggered on the physical device, with the exploit publicly disclosed. Red Hat and CVE listings corroborate the issue, and a PoC/exploit for Telnet/roo...

6.6CVSS6.2AI score0.00263EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2023/12/29 9:38 a.m.33 views

CVE-2023-4466 Poly CCX 400/CCX 600/Trio 8800/Trio C60 Web Interface protection mechanism

A vulnerability has been found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Web Interface. The manipulation leads to protection mechanism failure. The attack can be launched remotely. Th...

3.3CVSS5.5AI score0.00514EPSS
Exploits0References5
CVE
CVE
added 2023/12/29 9:38 a.m.62 views

CVE-2023-4466

CVE-2023-4466 affects Poly CCX 400/600, Trio 8800/C60 Web Interface. The vulnerability in the Web Interface enables remote manipulation that causes protection mechanism failure. No explicit patch is provided; remediation involves removing vulnerable builds from public servers. Exploit has been di...

4.9CVSS4.6AI score0.00514EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2023/12/29 9:37 a.m.85 views

CVE-2023-4465

The CVE-2023-4465 issue affects Poly Trio and VVX/CCX devices (e.g., Trio 8300/8500/8800, Trio C60, CCX 350/400/500/505/600/700, EDGE series, VVX 101/150/201/250/300/301/310/311/350/400/401/410/411/450/500/501/600/601). The root cause is an insufficient check in the Configuration File Import comp...

6.5CVSS5.3AI score0.00463EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2023/12/29 9:37 a.m.50 views

CVE-2023-4464 Poly VVX 601 Diagnostic Telnet Mode os command injection

A vulnerability, which was classified as critical, has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201,...

8.3CVSS7.6AI score0.03315EPSS
Exploits1References6
CVE
CVE
added 2023/12/29 9:37 a.m.65 views

CVE-2023-4464

CVE-2023-4464 affects Poly VVX 601 and a broad set of Poly Trio/CCX/EDGE/VVX devices. The root cause is a vulnerability in the Diagnostic Telnet Mode component that allows operating system command injection due to inadequate input handling. Exploitation is possible remotely, and public exploit/ad...

8.3CVSS7.4AI score0.03315EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2023/12/29 9:37 a.m.49 views

CVE-2023-4463

The CVE-2023-4463 entry affects Poly CCX 400, CCX 600, Trio 8800, and Trio C60. The vulnerability is in the HTTP Header Handler component, where manipulating the Cookie argument can cause denial of service. Exploitation can be performed remotely, and public disclosure of the exploit is noted. Con...

7.5CVSS6.4AI score0.01006EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2023/12/29 9:31 a.m.81 views

CVE-2023-4462

CVE-2023-4462 affects Poly Trio/CCX/VVX devices (e.g., Trio 8300/8500/8800, C60, CCX 350/400/500/505/600/700, EDGE E100/E220/E300/E320/E350/E400/E450/E500/E550, VVX series 101/150/201/250/300/301/310/311/350/400/401/410/411/450/500/501/600/601). The issue resides in the Web Configuration Applicat...

5.9CVSS5AI score0.0092EPSS
Exploits2References7Affected Software1
Cvelist
Cvelist
added 2023/12/29 9:31 a.m.38 views

CVE-2023-4462 Poly VVX 601 Web Configuration Application random values

A vulnerability classified as problematic has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201, VVX 250,...

3.7CVSS6AI score0.0092EPSS
Exploits2References6
Positive Technologies
Positive Technologies
added 2023/12/29 12:0 a.m.5 views

PT-2023-8564 · Poly · Poly Trio 8800

Name of the Vulnerable Software and Affected Versions: Poly Trio 8800 version 7.2.6.0019 Description: A critical issue was found in the Test Automation Mode component of the Poly Trio 8800, which can be manipulated to create a backdoor. The attack can be launched on the physical device...

6.8CVSS7.1AI score0.00263EPSS
Exploits1References10
CNNVD
CNNVD
added 2023/12/29 12:0 a.m.3 views

Poly Trio Security Breach

Poly Trio is a Trio series of business conference phones from Poly USA. A security vulnerability exists in Poly CCX and Trio that stems from a password change vulnerability in the parameter device.auth.localAdminPassword of the Configuration File Import component. Affected products and versions:...

6.5CVSS7AI score0.00463EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2023/12/29 12:0 a.m.4 views

PT-2023-29276 · Poly · Poly Ccx 400 +3

Name of the Vulnerable Software and Affected Versions: Poly CCX 400 affected versions not specified Poly CCX 600 affected versions not specified Poly Trio 8800 affected versions not specified Poly Trio C60 affected versions not specified Description: A vulnerability has been found in the Web...

4.9CVSS6.9AI score0.00514EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2023/12/29 12:0 a.m.6 views

PT-2023-8292 · Poly · Poly Vvx 311 +36

Name of the Vulnerable Software and Affected Versions: Poly Trio 8300 versions prior to the fixed version Poly Trio 8500 versions prior to the fixed version Poly Trio 8800 versions prior to the fixed version Poly Trio C60 versions prior to the fixed version Poly CCX 350 versions prior to the fixe...

8.3CVSS7.5AI score0.03315EPSS
Exploits1References13
CNNVD
CNNVD
added 2023/12/29 12:0 a.m.7 views

Poly Trio Operating System Command Injection Vulnerability

Poly Trio is a Trio series business conference phone from Poly USA. Poly Trio has an operating system command injection vulnerability that stems from an operating system command injection vulnerability in the Diagnostic Telnet Mode component. Affected products and versions: Poly CCX version 400,...

8.3CVSS7.6AI score0.03315EPSS
Exploits1References8
CNNVD
CNNVD
added 2023/12/29 12:0 a.m.3 views

Poly Trio Security Breach

Poly Trio is a Trio series business conference phone from Poly USA. A security vulnerability exists in Poly Trio 8800 version 7.2.6.0019, which stems from a security flaw in the Test Automation Mode component...

6.6CVSS6.8AI score0.00263EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/12/29 12:0 a.m.9 views

PT-2023-29275 · Poly · Poly Ccx 400 +3

Name of the Vulnerable Software and Affected Versions: Poly CCX 400 affected versions not specified Poly CCX 600 affected versions not specified Poly Trio 8800 affected versions not specified Poly Trio C60 affected versions not specified Description: A vulnerability was found in the HTTP Header...

7.5CVSS7AI score0.01006EPSS
Exploits1References11
CNNVD
CNNVD
added 2023/12/29 12:0 a.m.6 views

Poly Trio Security Breach

Poly Trio is a Trio series of business conference phones from Poly USA. Lens is a distribution of the OpenLens repository, which contains Team Lens-specific customizations released under the legacy EULA. A security vulnerability exists in Poly Trio version 8800 and Trio version C60 that stems fro...

7.6CVSS6.8AI score0.00253EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2023/12/29 12:0 a.m.6 views

PT-2023-8565 · Poly · Poly Lens +3

Name of the Vulnerable Software and Affected Versions: Poly Trio 8500 version unknown Poly Trio 8800 version unknown Poly Trio C60 version unknown Description: A vulnerability was found in the Poly Lens Management Cloud Registration component, affecting an unknown part of it. The manipulation lea...

7.6CVSS6.6AI score0.00253EPSS
Exploits0References12
CNNVD
CNNVD
added 2023/12/29 12:0 a.m.4 views

Poly CCX and Trio Security Vulnerabilities

Poly Trio is a Trio series business conference phone from Poly USA. A security vulnerability exists in Poly CCX and Trio that stems from a denial of service DOS vulnerability in the cookie parameter of the HTTP Header Handler component. Affected products and versions: Poly CCX version 400, CCX...

7.5CVSS6.8AI score0.01006EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2023/12/19 12:0 a.m.5 views

The vulnerability of the microprogrammed software of the Trio Q, Trio E, and Trio J Ethernet receivers lies in their ability to be redirected to untrusted URL addresses. This allows attackers to redirect users to arbitrary websites.

The vulnerability of the microprogrammed Ethernet receiver software from the Trio Q, Trio E, and Trio J series is related to the ability to redirect users to untrusted URL addresses. Exploiting this vulnerability allows a malicious actor to redirect users to arbitrary websites by sending speciall...

8.5CVSS6.4AI score0.00423EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder