Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
polycom vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2012-6609
Directory traversal vulnerability in a_getlog.cgi in Polycom HDX Video End Points prior to 3.0.4 and UC APL prior to 2.7.1.J allows remote malicious users to read arbitrary files via a .. (dot dot) in the name parameter.
Polycom Hdx Video End Points
Polycom Uc Apl
8.8
CVSSv3
CVE-2012-6610
Polycom HDX Video End Points prior to 3.0.4 and UC APL prior to 2.7.1.J allows remote authenticated users to execute arbitrary commands as demonstrated by a ; (semicolon) to the ping command feature.
Polycom Hdx Video End Points
Polycom Uc Apl
8.3
CVSSv3
CVE-2019-12948
A vulnerability in the web-based management interface of VVX, Trio, SoundStructure, SoundPoint, and SoundStation phones running Polycom UC Software, if exploited, could allow an authenticated, remote attacker with admin privileges to cause a denial of service (DoS) condition or e...
Polycom Unified Communications Software
Polycom United Communications Software
6.8
CVSSv3
CVE-2019-10688
VVX products with software versions including and prior to, UCS 5.9.2 with Better Together over Ethernet Connector (BToE) application 3.9.1, use hard-coded credentials to establish connections between the host application and the device.
Polycom Unified Communications Software
Polycom Better Together Over Ethernet Connector
NA
CVE-2002-1905
Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 allows remote malicious users to cause a denial of service (crash) via a long HTTP GET request.
Polycom Viavideo 2.2
Polycom Viavideo 3.0
1 EDB exploit
NA
CVE-2002-1906
The web server for Polycom ViaVideo 2.2 and 3.0 allows remote malicious users to cause a denial of service (CPU consumption) by sending incomplete HTTP requests and leaving the connections open.
Polycom Viavideo 2.2
Polycom Viavideo 3.0
1 EDB exploit
8.8
CVSSv3
CVE-2021-41322
Poly VVX 400/410 5.3.1 allows low-privileged users to change the Admin password by modifying a POST parameter to 120 during the password reset process.
Polycom Vvx 400 Firmware 5.3.1
Polycom Vvx 410 Firmware 5.3.1
6.5
CVSSv3
CVE-2019-10689
VVX products using UCS software version 5.9.2 and previous versions with Better Together over Ethernet Connector (BToE) application version 3.9.1 and previous versions provides insufficient authentication between the BToE application and the BToE component, resulting in leakage o...
Polycom Better Together Over Ethernet Connector
Polycom Unified Communications Software
8.8
CVSSv3
CVE-2017-12857
Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by a vulnerability in their UCS web application. This vulnerability could allow an authenticated remote malicious user to read a ...
Polycom Unified Communications Software
6.5
CVSSv3
CVE-2018-14934
The Bluetooth subsystem on Polycom Trio devices with software prior to 5.5.4 has Incorrect Access Control. An attacker can connect without authentication and subsequently record audio from the device microphone.
Polycom Trio 8500 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »