CVE-2023-4464

A vulnerability, which was classified as critical, has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201,...

EUVD-2023-54318

Malicious code in bioql PyPI...

Certain Poly Devices – Path Traversal Vulnerability - Arbitrary File Access by Unauthorized User

A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in certain Poly devices. The firmware flaw does not properly prevent path traversal and could lead to information disclosure. HP has released updates to mitigate the potential vulnerabilities. HP has identified affected produc...

CVE-2024-9579

CVE-2024-9579 concerns Poly video conferencing devices. The issue is a firmware input sanitation flaw that enables remote code execution only via a layered attack; it cannot be exploited in isolation. Affected are Poly video conferencing devices (firmwareSanitization issue). Exploitation requires...

UC Software – Unverified Password Change

A potential vulnerability was discovered in certain Poly devices. An attacker who can take over a web server session can also change the administrator password without knowledge of the current password due to an improper authentication check. HP recommends that customers disable the web server an...

UC Software - Use of Insufficiently Random Values

A potential vulnerability was discovered in certain Poly devices. A potential flaw allows an attacker to predict a session and piggyback onto an active administrator session of the web server. The potential vulnerability is dependent on the administrator maintaining an active session. HP has...

PT-2023-29274 · Poly · Edge E220 +36

Name of the Vulnerable Software and Affected Versions: Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201, VVX 250, VVX...

PT-2023-8292 · Poly · Poly Vvx 311 +36

Name of the Vulnerable Software and Affected Versions: Poly Trio 8300 versions prior to the fixed version Poly Trio 8500 versions prior to the fixed version Poly Trio 8800 versions prior to the fixed version Poly Trio C60 versions prior to the fixed version Poly CCX 350 versions prior to the fixe...

PT-2023-8254 · Poly · Edge E220 +36

Name of the Vulnerable Software and Affected Versions: Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201, VVX 250, VVX...