3 matches found
CVE-2022-26479
Poly EagleEye Director II (pre-2.2.2.1) contains an authentication bypass vulnerability where the existence of a certain file (creatable via an rsync backdoor) causes all API calls to run with admin privileges. Affected component/file path is unspecified in the initial documents; root cause is an...
Poly EagleEye Director II 2.2.1.1 Command Injection / Authentication Bypass Vulnerability
======================================================================= title: Multiple Critical Vulnerabilities product: Poly EagleEye Director II vulnerable version: 2.2.1.1 Jul 1, 2021 fixed version: 2.2.2.1 or higher CVE number: CVE-2022-26479, CVE-2022-26482 impact: critical homepage:...
Poly EagleEye Director II 2.2.1.1 Command Injection / Authentication Bypass
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Critical Vulnerabilities product: Poly EagleEye Director II vulnerable version: 2.2.1.1 Jul 1, 2021 fixed version: 2.2.2.1 or higher CVE number: CVE-2022-26479,...