356 matches found
CVE-2026-0754
An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if the service provider does not perform proper validation of the device certificate...
CVE-2026-0754
An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if the service provider does not perform proper validation of the device certificate...
EUVD-2026-9270
An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if the service provider does not perform proper validation of the device certificate...
CVE-2026-0754 SIP Service Providers – Possible Impersonation of Poly Voice Device
An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if the service provider does not perform proper validation of the device certificate...
CVE-2026-0754 SIP Service Providers – Possible Impersonation of Poly Voice Device
An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if the service provider does not perform proper validation of the device certificate...
CVE-2026-0754
The CVE describes a vulnerability in Poly Voice devices where an embedded test key and certificate can be extracted via reverse engineering. If a SIP service provider does not properly validate device certificates, the extracted certificate could be accepted, enabling impersonation of the Poly Vo...
HP Poly Edge E Series 安全漏洞
The HP Poly Edge E Series is a series of IP desktop phones produced by the American company HP. The HP Poly Edge E Series contains security vulnerabilities. These vulnerabilities stem from the inclusion of test keys and certificates within the devices, which may allow attackers to extract these...
PT-2026-22708
An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if the service provider does not perform proper validation of the device certificate...
SIP Service Providers – Possible Impersonation of Poly Voice Device
An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if the service provider does not perform proper validation of the device certificate. Service...
CVE-2021-41322
Poly VVX 400/410 5.3.1 allows low-privileged users to change the Admin password by modifying a POST parameter to 120 during the password reset process...
CVE-2022-26481
An issue was discovered in Poly Studio before 3.7.0. Command Injection can occur via the CN field of a Create Certificate Signing Request CSR action...
CVE-2022-26479
An issue was discovered in Poly EagleEye Director II before 2.2.2.1. Existence of a certain file which can be created via an rsync backdoor causes all API calls to execute as admin without authentication...
CVE-2022-26482
An issue was discovered in Poly EagleEye Director II before 2.2.2.1. os.system command injection can be achieved by an admin...
CVE-2024-41912
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly implement access controls...
CVE-2024-41913
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly sanitize User input...
CVE-2023-4468
A vulnerability was found in Poly Trio 8500, Trio 8800 and Trio C60. It has been classified as problematic. This affects an unknown part of the component Poly Lens Management Cloud Registration. The manipulation leads to missing authorization. It is possible to launch the attack on the physical...
CVE-2023-4467
A vulnerability was found in Poly Trio 8800 7.2.6.0019 and classified as critical. Affected by this issue is some unknown functionality of the component Test Automation Mode. The manipulation leads to backdoor. It is possible to launch the attack on the physical device. The exploit has been...
CVE-2023-4464
A vulnerability, which was classified as critical, has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201,...
CVE-2025-14432
CVE-2025-14432 affects HP video conferencing products (HP TC8/TC10 noted in CNNVD) with a data-leakage issue where sensitive data could be written to log files when an admin uses Microsoft Teams Admin Center (TAC) to apply device configuration changes. The log file is restricted to admins but exp...
CVE-2025-14432 Poly Video - Sensitive Data Might Be Written to Log File
In limited scenarios, sensitive data might be written to the log file if an admin uses Microsoft Teams Admin Center TAC to make device configuration changes. The affected log file is visible only to users with admin credentials. This is limited to Microsoft TAC and does not affect configuration...