Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
polycom vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-12857
Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by a vulnerability in their UCS web application. This vulnerability could allow an authenticated remote malicious user to read a ...
Polycom Unified Communications Software
6.5
CVSSv3
CVE-2018-14934
The Bluetooth subsystem on Polycom Trio devices with software prior to 5.5.4 has Incorrect Access Control. An attacker can connect without authentication and subsequently record audio from the device microphone.
Polycom Trio 8500 Firmware
6.1
CVSSv3
CVE-2018-14935
The Web administration console on Polycom Trio devices with software prior to 5.5.4 has XSS.
Polycom Trio 8500 Firmware
6.8
CVSSv3
CVE-2018-10946
An issue exists in versions earlier than 1.3.0-66872 for Polycom RealPresence Debut that allows malicious users to arbitrarily read the admin user's password via the admin web UI.
Polycom Realpresence Debut Firmware
3.1
CVSSv3
CVE-2018-10947
An issue exists in versions earlier than 1.3.2 for Polycom RealPresence Debut where the admin cookie is reset only after a Debut is rebooted.
Polycom Realpresence Debut Firmware
9.8
CVSSv3
CVE-2012-6611
An issue exists in Polycom Web Management Interface G3/HDX 8000 HD with Durango 2.6.0 4740 software and embedded Polycom Linux Development Platform 2.14.g3. It has a blank administrative password by default, and can be successfully used without setting this password.
Polycom Hdx System Software
8
CVSSv3
CVE-2019-14259
On the Polycom Obihai Obi1022 VoIP phone with firmware 5.1.11, a command injection (missing input validation) issue in the NTP server IP address field for the "Time Service Settings web" interface allows an authenticated remote attacker in the same network to trigger OS...
Polycom Obihai Obi1022 Firmware 5.1.11
7.8
CVSSv3
CVE-2015-8300
Polycom BToE Connector prior to 3.0.0 uses weak permissions (Everyone: Full Control) for "Program Files (x86)\polycom\polycom btoe connector\plcmbtoesrv.exe," which allows local users to gain privileges via a Trojan horse file.
Polycom Btoe Connector
7.2
CVSSv3
CVE-2019-11355
An issue exists in Poly (formerly Polycom) HDX 3.1.13. A feature exists that allows the creation of a server / client certificate, or the upload of the user certificate, on the administrator's page. The value received from the user is the factor value of a shell script on th...
Polycom Hdx System Software
7.5
CVSSv3
CVE-2018-12592
Polycom RealPresence Web Suite prior to 2.2.0 does not block a user's video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). During those seconds, a meeting invitee may unknowingly be on camera with...
Polycom Realpresence Web Suite
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »