Vulnerability CVE-2022-26482


Published: 2022-07-17   Modified: 2022-07-18

Description:
An issue was discovered in Poly EagleEye Director II before 2.2.2.1. os.system command injection can be achieved by an admin.

See advisories in our WLB2 database:
Topic
Author
Date
High
Poly EagleEye Director II 2.2.1.1 Command Injection / Authentication Bypass
Johannes Kruchem
07.06.2022

Type:

CWE-78

(Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') )

 References:
https://www.poly.com/us/en/support/security-center
https://sec-consult.com/de/vulnerability-lab/advisory/poly-eagleeye-director-ii-kritische-schwachstellen/
https://sec-consult.com/vulnerability-lab/advisory/critical-vulnerabilities-poly-eagleeye-director-ii/

Copyright 2022, cxsecurity.com

 

Back to Top