Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
polycom vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2015-4684
Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager (aka RPRM) prior to 8.4 allow (1) remote authenticated users to read arbitrary files via a .. (dot dot) in the Modifier parameter to PlcmRmWeb/FileDownload; or remote authenticated administrator...
Polycom Realpresence Resource Manager
1 EDB exploit
4.4
CVSSv2
CVE-2015-4685
Polycom RealPresence Resource Manager (aka RPRM) prior to 8.4 allows local users with access to the plcm account to gain privileges via a script in /var/polycom/cma/upgrade/scripts, related to a sudo misconfiguration.
Polycom Realpresence Resource Manager
1 EDB exploit
3.5
CVSSv2
CVE-2015-1516
Cross-site scripting (XSS) vulnerability in Polycom RealPresence CloudAXIS Suite prior to 1.7.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Polycom Realpresence Cloudaxis Suite
9
CVSSv2
CVE-2019-11355
An issue exists in Poly (formerly Polycom) HDX 3.1.13. A feature exists that allows the creation of a server / client certificate, or the upload of the user certificate, on the administrator's page. The value received from the user is the factor value of a shell script on th...
Polycom Hdx System Software
5
CVSSv2
CVE-2018-12592
Polycom RealPresence Web Suite prior to 2.2.0 does not block a user's video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). During those seconds, a meeting invitee may unknowingly be on camera with...
Polycom Realpresence Web Suite
7.2
CVSSv2
CVE-2015-4681
Polycom RealPresence Resource Manager (aka RPRM) prior to 8.4 allows local users to have unspecified impact via vectors related to weak passwords.
Polycom Realpresence Resource Manager
1 EDB exploit
7.8
CVSSv2
CVE-2006-5233
Polycom SoundPoint IP 301 VoIP Desktop Phone, firmware version 1.4.1.0040, allows remote malicious users to cause a denial of service (reboot) via (1) a long URL sent to the HTTP daemon and (2) unspecified manipulations as demonstrated by the Nessus http_fingerprinting_hmap.nasl ...
Polycom Soundpoint Ip 301 1.4.1.0040
7.8
CVSSv2
CVE-2007-3368
Buffer overflow in the HTTP server on the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ allows remote malicious users to cause a denial of service (device reboot) via a malformed CGI parameter.
Polycom Soundpoint Ip 650 Bootrom 3.0.0
7.8
CVSSv2
CVE-2007-3369
Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ and SIP version 1.6.3.0067 allows remote malicious users to cause a denial of service (device hang or reboot) via an INVITE message with a long Via header.
Polycom Soundpoint Ip 601 1.6.3.0067 Bootrom 3.0.0
NA
CVE-2023-29930
An issue was found in Genesys CIC Polycom phone provisioning TFTP Server all version allows a remote malicious user to execute arbitrary code via the login crednetials to the TFTP server configuration page.
Genesys Tftp Server
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »