CVE-2021-41322
Poly VVX 400/410 devices (version 5.3.1 and earlier) expose a password-reset vulnerability: a low-privilege user can change the Admin password by sending a POST parameter value of 120. Root cause: manipulating the password reset flow. Impact: possible admin account compromise. Exploitation detail...