Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Hdx system software'
2020-03-12
CVE-2019-11355
CWE-78
An issue was discovered in Poly (formerly Polycom) HDX 3.1.13. A feature exists that allows the creation of a server / client certificate, or the upload of the user certificate, on the administrator's page. The value received from the user is the factor value of a shell script on the equipment. By entering a special character (such as a single quote) in a CN or other CSR field, one can insert a command into a factor value. A system command can be executed as root.
2013-01-01
CVE-2012-4970
CWE-79
Cross-site scripting (XSS) vulnerability in the web management interface on Polycom HDX Video End Points with UC APL software before 2.7.1.1_J, and commercial software before 3.0.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
>>>
Vendor:
Polycom
29
Products
Viewstation 128
Viewstation 512
Viewstation dcp
Viewstation fx vs4000
Viewstation h.323
Viewstation mp
Viewstation sp 384
Viewstation v.35
Viavideo
Mgc-100
Mgc-25
Mgc-50
Soundpoint ip 301
Soundpoint ip 650
Soundpoint ip 601
Hdx system software
Realpresence cloudaxis suite
Btoe connector
Unified communications software
Realpresence resource manager
Qdx 6000 firmware
Uc software
Vvx 500 firmware
Vvx 601 firmware
Better together over ethernet connector
Group series
HDX
PANO
Obihai obi1022 firmware
Copyright
2024
, cxsecurity.com
Back to Top