Headline
CVE-2022-26482: Security Center
An issue was discovered in Poly EagleEye Director II before 2.2.2.1. os.system command injection can be achieved by an admin.
DATE
ID#
TITLE
03-07-22
PLYTV21-09
Studio X50 – Improper Neutralization of Special Elements used in an OS Command
03-07-22
PLYPL21-12
EEDII – Multiple Security Vulnerabilities
02-23-22
PLYGN21-08
Poly Systems – Apache Log4j
09-29-21
Security Advisory Version 1.0
Plantronics Hub – Local Privilege Escalation
09-07-21
Security Bulletin Version 1.0
CX5100/CX5500 Authenticated Command Injection
04-30-21
Security Advisory Version 1.0
Information Disclosure Vulnerability Poly VOIP Phones
02-24-21
Security Advisory Version 1.0
Information Disclosure Vulnerability Poly VOIP Phones
02-24-21
Security Bulletin Version 1.1
Increased SIP Provisioning Attacks
02-22-21
Security Advisory Version 1.0
Information Disclosure Vulnerability Poly ZTP Service
01-20-21
Security Bulletin Version 1.0
Cybersecurity and Infrastructure Security Agency (CISA) Alert AA20-352A
04-24-20
Security Bulletin Version 1.0
Poly Recommended Best Security Practices for Unified Communications
04-01-20
Security Advisory Version 1.0
Poly Voice Endpoints – XSS and CSRF Vulnerabilities
02-07-20
Security Bulletin Version 1.0
CCX500 - UI Vulnerability Allows Access to Android Settings
01-15-20
Security Bulletin Version 1.6
Worldwide H.323 and SIP Botnet Calling Video Systems
01-10-20
Security Advisory Version 1.2.0
Remote Code Execution Vulnerability in UCS Software
01-10-20
Security Advisory Version 1.0.0
Vulnerabilities in VxWorks Operating System and Poly Products
09-04-19
Security Advisory Version 1.0.0
Plantronics Hub - Local Privilege Escalation Vulnerability
08-06-19
Security Advisory Version 1.0
Remote Code Execution Vulnerability in Obihai OBi1022
06-19-19
Security Advisory Version 1.1
Insufficient Authentication Resulting in Information Leakage on VVX Products
06-14-19
Security Advisory Version 1.1
Hard Coded Credentials Vulnerability in VVX Products
04-26-19
Security Advisory Version 1.0
Multiple Vulnerabilities in HDX Products Older than 3.1.14
02-20-19
Security Bulletin Version 1.0
HDX (versions older than 3.1.13) can be affected by multiple Botnets
01-24-19
Security Advisory Version 1.1
Cyber Threats Targeting Default Passwords
11-30-18
Security Bulletin Version 1.1
TLS 1.2 and Microsoft O365 Impacts to Polycom Products
11-05-18
Security Bulletin Version 1.0
Bluetooth Authentication Weakness Found in Trio
11-05-18
Security Bulletin Version 1.0
Stored Cross-Site Scripting Found in Trio
11-01-18
Security Bulletin Version 1.0
Remote Code Execution Vulnerability Found in Group Series
08-10-18
Security Bulletin Version 1.1
HDX SoftwareVersions Older than 3.1.12 and Omni Botnet
07-12-18
Security Advisory Version 1.9
Processor Based “Speculative Execution” Vulnerabilities AKA “Spectre” and “Meltdown” on Polycom Products
07-11-18
Security Advisory Version 1.2
Vulnerabilities in Polycom VVX Phones and UC Software
07-03-18
Security Advisory Version 1.0
Polycom UCS Software Vulnerabilities
06-26-18
Security Advisory Version 1.1
RealPresence Web Suite Vulnerability
05-10-18
Security Advisory Version 1.0
RealPresence Debut Vulnerabilities
03-05-18
Security Advisory Version 1.0
QDX 6000 Vulnerabilities
12-20-17
Security Advisory Version 1.2
“Krack” Vulnerability with Polycom Products
11-24-17
Security Advisory Version 1.2
Remote Code Execution on HDX Endpoints
10-18-17
Security Advisory Version 1.1
BlueBorne Bluetooth Vulnerabilities
08-28-17
Security Advisory Version 1.0
Information Disclosure on Multiple Polycom Products
08-11-17
Security Bulletin Version 1.1
WannaCry Vulnerability and Polycom Products
06-14-17
Security Bulletin Version 1.0
Relating to CVE-2017-7494 “SambaCry” Vulnerability and Polycom Products
03-22-17
Security Bulletin Version 1.0
Relating to CVE-2017-5638 “Apache Struts” Vulnerability and Polycom Products
10-26-16
Security Advisory Version 1.1
Relating to CVE-2016-5195 “Dirty COW” Vulnerability
09-20-16
Security Advisory Version 2.0
Relating to a Cross-site Scripting (XSS) Vulnerability in Polycom HDX Video Endpoints
09-13-16
Security Advisory Version 1.0
Relating to an XML External Entity (XXE) Vulnerability in Polycom HDX Video Endpoints)
04-06-16
Security Advisory Version 1.2
Relating to a GNU glibc DNS Vulnerability (CVE-2015-7547)
03-08-16
Security Bulletin Version 1.0
Relating to CVE-2016-0800 “DROWN” Vulnerability and Polycom Products
02-09-16
Security Office Update 2.0
Security Update Relating to H.323 and SIP AES Media Encryption on Polycom Products
12-16-15
Security Advisory Version 1.0
Relating to RealPresence Capture Server and RealPresence Media Suite Appliance Editions
12-09-15
Security Advisory Version 1.0
Relating to Path Traversal Vulnerabilities in Polycom VVX Business Media Phones
10-23-15
Security Advisory Version 2.0
Relating to GHOST glibc Vulnerability
10-23-15
Security Advisory Version 1.6.1
Relating to Logjam Vulnerability
06-29-15
Security Bulletin Version 1.0
RealPresence Resource Manager 8.4 security fixes summary
06-23-15
Security Advisory Version 1.0
Relating to Command Shell Vulnerability in Polycom Group Series Video Endpoints
06-23-15
Security Advisory Version 1.0
Relating to Inadequate SSH Restrictions Vulnerability in Polycom Group Series Video Endpoints
06-23-15
Security Advisory Version 1.0
Relating to Software Update Vulnerability in Polycom Group Series Video Endpoints
06-23-15
Security Advisory Version 1.0
Relating to Weak Entropy Vulnerability in Polycom Group Series Video Endpoints Web Cookies
06-17-15
Security Bulletin Version 1.0
Relating to “Tomcat Denial of Service”
06-15-15
Security Bulletin Version 1.0
Relating to Leap Second Insertion
04-20-15
Security Bulletin Version 1.6
Relating to SSLv3 “POODLE” Vulnerability and Polycom Products
10-24-14
Security Advisory Version 1.7
Relating to Bash shell arbitrary code execution on Various Polycom Products
10-06-14
Security Bulletin Version 1.2
Relating to Multiple OpenSSL Vulnerabilities on Various Polycom Products
06-05-14
Security Advisory Version 1.12
Relating to OpenSSL Vulnerability “Heartbleed” on Various Polycom Products
12-20-13
Security Bulletin 5471
Relating to JBoss Application Server on RealPresence Resource Manager
03-14-13
Security Bulletin 102404
Security Advisory relating to telnet shell authorization bypass on Polycom HDX Video Endpoints
03-14-13
Security Bulletin 107522
Security Advisory Relating to the Firmware Update Command Injection Vulnerability on Polycom HDX Video Endpoints
03-14-13
Security Bulletin 107523
Security Advisory Relating to the Command Shell Vulnerability on Polycom HDX Video Endpoints
03-14-13
Security Bulletin 107524
Security Advisory Relating to the H.323 Format String Vulnerability on Polycom HDX Video Endpoints
03-14-13
Security Bulletin 107525
Security Advisory Relating to the H.323 CDR Database SQL Injection on Polycom HDX Video Endpoints
03-14-13
Security Bulletin 107526
Security Advisory Relating to the PUP File Header MAC Signature Bypass on Polycom HDX Video Endpoints
Related news
DiCal-RED version 4009 makes use of unmaintained third party components with their own vulnerabilities.
A likely China-linked state-sponsored threat actor has been linked to a cyber espionage campaign targeting government, academic, technology, and diplomatic organizations in Taiwan between November 2023 and April 2024. Recorded Future's Insikt Group is tracking the activity under the name RedJuliett, describing it as a cluster that operates Fuzhou, China, to support Beijing's intelligence
By Deeba Ahmed The malware, dubbed NKAbuse, uses New Kind of Network (NKN) technology, a blockchain-powered peer-to-peer network protocol to spread its infection. This is a post from HackRead.com Read the original post: New ‘NKAbuse’ Linux Malware Uses Blockchain Technology to Spread
A novel multi-platform threat called NKAbuse has been discovered using a decentralized, peer-to-peer network connectivity protocol known as NKN (short for New Kind of Network) as a communications channel. "The malware utilizes NKN technology for data exchange between peers, functioning as a potent implant, and equipped with both flooder and backdoor capabilities," Russian
Relyum RELY-PCIe 22.2.1 devices suffer from a system group misconfiguration, allowing read access to the central password hash file of the operating system.
Apache has released a security advisory warning of a critical security flaw in the Struts 2 open-source web application framework that could result in remote code execution. Tracked as CVE-2023-50164, the vulnerability is rooted in a flawed "file upload logic" that could enable unauthorized path traversal and could be exploited under the circumstances to upload a malicious file
A financially motivated threat actor has been outed as an initial access broker (IAB) that sells access to compromised organizations for other adversaries to conduct follow-on attacks such as ransomware. SecureWorks Counter Threat Unit (CTU) has dubbed the e-crime group Gold Melody, which is also known by the names Prophet Spider (CrowdStrike) and UNC961 (Mandiant). "This financially motivated
An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary code via the sfdc_preauth.jsp component.
The health, manufacturing, and energy sectors are the most vulnerable to ransomware.
The total number of 61,000 open vulnerabilities, including 1,700 critical ones that have been open for 180+ days, exposes businesses to potential attacks.
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only shared memory mappings. This flaw allows an unprivileged, local user to gain write access to read-only memory mappings, increasing their privileges on the system.
libnx_apl.so on Nexans FTTO GigaSwitch before 6.02N and 7.x before 7.02 implements a Backdoor Account for SSH logins on port 50200 or 50201.
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root privilege. In combination with CVE-2022-23534 this could give an attacker root access to the switch.
Nexans FTTO GigaSwitch industrial/office switches HW version 5 suffer from having a hardcoded backdoor user and multiple outdated vulnerable software components.
Poly EagleEye Director II version 2.2.1.1 suffers from multiple authenticated remote command injection vulnerabilities as well as an authentication bypass vulnerability.
Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.
Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.
Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.
Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.
Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.
Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.
Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.
Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H).
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/A...
Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege.
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Option.
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier allows local users to affect integrity and availability via vectors related to Federated.
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.