18 matches found
EUVD-2018-10286
Malware in sbrugna...
Polycom Vvx 400/410 安全漏洞
The Polycom Vvx 400/410 is a color, mid-range business media phone from Poly, Inc. A security vulnerability exists in the Polycom Vvx 400/410 through 5.3.1 that allows a low-privileged user to change the administrator password by changing the POST parameter to 120 during the password reset proces...
Polycom VVX 500 / VVX 601 5.8.0.12848 Man-In-The-Middle Vulnerability
Exploit for hardware platform in category local exploits Polycom VVX 500 / VVX 601 5.8.0.12848 Man-In-The-Middle Vulnerability Product: VVX 500 / VVX 601 Manufacturer: Polycom Affected Versions: = 5.8.0.12848 Tested Versions: 5.4.0.10182, 5.8.0.12848 Vulnerability Type: X.509 validation -...
CVE-2018-18566
The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers to obtain sensitive phone configuration information by leveraging use with an on-premise installation with Skype for Business...
CVE-2018-18566
The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers to obtain sensitive phone configuration information by leveraging use with an on-premise installation with Skype for Business...
CVE-2018-18568
Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business...
Design/Logic Flaw
Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business...
CVE-2018-18566
The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers to obtain sensitive phone configuration information by leveraging use with an on-premise installation with Skype for Business...
CVE-2018-18568
Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business...
Polycom VVX 500 / VVX 601 5.8.0.12848 Man-In-The-Middle
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Advisory ID: SYSS-2018-027 Product: VVX 500 / VVX 601 Manufacturer: Polycom Affected Versions: = 5.8.0.12848 Tested Versions: 5.4.0.10182, 5.8.0.12848 Vulnerability Type: X.509 validation - Man-in-the-Middle CWE-300 Risk Level: Medium Solution Statu...
Polycom VVX 500 / VVX 601 5.8.0.12848 Information Exposure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Advisory ID: SYSS-2018-028 Product: VVX 500 / VVX 601 Manufacturer: Polycom Affected Versions: OWNIP=192.168.100.102 if -z "$1" then echo "Please enter an IPv4 address as target" exit else TARGET=$1 fi echo 'OPTIONS sip:dummy SIP/2.0 Via: SIP/2.0/TC...
Polycom VVX Web Interface Forced Admin Password Change Vulnerability
Polycom is a global leader in standards-based unified communications UC solutions for telepresence, video and voice. The Polycom VVX web interface can be forced to change the admin password vulnerability, which requires a user to access the "user" account in the web interface of a Polycom VoIP...
Polycom VVX Web Interface Privilege Escalation
Exploit Title: Polycom VVX Web Interface - Change Admin Password as User Date: January 26, 2017 Exploit Author: Mike Brown Vendor Homepage: http://www.polycom.com/ Software Link: http://downloads.polycom.com/voice/voip/ucswreleasesmatrix.html Version: Polycom vvx 410 UC Software Version: 5.3.1.04...
Polycom VVX Web Interface - Change Admin Password
Polycom VVX Web Interface - Change Admin Password Exploit Title: Polycom VVX Web Interface - Change Admin Password as User Date: January 26, 2017 Exploit Author: Mike Brown Vendor Homepage: http://www.polycom.com/ Software Link: http://downloads.polycom.com/voice/voip/ucswreleasesmatrix.html...
Polycom VVX Web Interface - Change Admin Password Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Polycom VVX Web Interface - Change Admin Password as User Date: January 26, 2017 Exploit Author: Mike Brown Vendor Homepage: http://www.polycom.com/ Software Link:...
Polycom VVX-Series Business Media Phones - Path Traversal Vulnerability
Exploit for hardware platform in category web applications Polycom VVX-Series Business Media Phones Path Traversal Vulnerability --Summary-- Polycom VVX-series Business Media Phones allow authenticated users to execute file path traversal attacks Polycom http://www.polycom.com --Affects-- Polycom...
Polycom VVX-Series Business Media Phones - Directory Traversal
Polycom VVX-Series Business Media Phones Path Traversal Vulnerability --Summary-- Polycom VVX-series Business Media Phones allow authenticated users to execute file path traversal attacks Polycom http://www.polycom.com --Affects-- Polycom VVX 101, 201, 300, 310, 400, 410, 500, 600, & 1500 UC...
Polycom VVX-Series Path Traversal
Polycom VVX-Series Business Media Phones Path Traversal Vulnerability --Summary-- Polycom VVX-series Business Media Phones allow authenticated users to execute file path traversal attacks Polycom http://www.polycom.com --Affects-- Polycom VVX 101, 201, 300, 310, 400, 410, 500, 600, & 1500 UC...