Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
polycom vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2015-4683
Polycom RealPresence Resource Manager (aka RPRM) prior to 8.4 allows malicious users to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters with HTTP GET requests.
Polycom Realpresence Resource Manager
1 EDB exploit
6.5
CVSSv3
CVE-2015-4684
Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager (aka RPRM) prior to 8.4 allow (1) remote authenticated users to read arbitrary files via a .. (dot dot) in the Modifier parameter to PlcmRmWeb/FileDownload; or remote authenticated administrator...
Polycom Realpresence Resource Manager
1 EDB exploit
7
CVSSv3
CVE-2015-4685
Polycom RealPresence Resource Manager (aka RPRM) prior to 8.4 allows local users with access to the plcm account to gain privileges via a script in /var/polycom/cma/upgrade/scripts, related to a sudo misconfiguration.
Polycom Realpresence Resource Manager
1 EDB exploit
7.5
CVSSv3
CVE-2018-12592
Polycom RealPresence Web Suite prior to 2.2.0 does not block a user's video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). During those seconds, a meeting invitee may unknowingly be on camera with...
Polycom Realpresence Web Suite
NA
CVE-2015-1516
Cross-site scripting (XSS) vulnerability in Polycom RealPresence CloudAXIS Suite prior to 1.7.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Polycom Realpresence Cloudaxis Suite
7.2
CVSSv3
CVE-2019-11355
An issue exists in Poly (formerly Polycom) HDX 3.1.13. A feature exists that allows the creation of a server / client certificate, or the upload of the user certificate, on the administrator's page. The value received from the user is the factor value of a shell script on th...
Polycom Hdx System Software
NA
CVE-2007-3368
Buffer overflow in the HTTP server on the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ allows remote malicious users to cause a denial of service (device reboot) via a malformed CGI parameter.
Polycom Soundpoint Ip 650 Bootrom 3.0.0
NA
CVE-2007-3369
Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ and SIP version 1.6.3.0067 allows remote malicious users to cause a denial of service (device hang or reboot) via an INVITE message with a long Via header.
Polycom Soundpoint Ip 601 1.6.3.0067 Bootrom 3.0.0
NA
CVE-2006-5233
Polycom SoundPoint IP 301 VoIP Desktop Phone, firmware version 1.4.1.0040, allows remote malicious users to cause a denial of service (reboot) via (1) a long URL sent to the HTTP daemon and (2) unspecified manipulations as demonstrated by the Nessus http_fingerprinting_hmap.nasl ...
Polycom Soundpoint Ip 301 1.4.1.0040
8.8
CVSSv3
CVE-2023-29930
An issue was found in Genesys CIC Polycom phone provisioning TFTP Server all version allows a remote malicious user to execute arbitrary code via the login crednetials to the TFTP server configuration page.
Genesys Tftp Server
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »