poly

Top products

The 14 most recently published vulnerabilities affecting poly.

• CVE-2024-6147Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability7.8Jun 20, 2024
• CVE-2023-4468Poly Trio 8500/Trio 8800/Trio C60 Poly Lens Management Cloud Registration authorization4.3Dec 29, 2023
• CVE-2023-4467Poly Trio 8800 Test Automation Mode backdoor6.2Dec 29, 2023
• CVE-2023-4466Poly CCX 400/CCX 600/Trio 8800/Trio C60 Web Interface protection mechanism2.7Dec 29, 2023
• CVE-2023-4465Poly VVX 601 Configuration File Import unverified password change2.7Dec 29, 2023
• CVE-2023-4464Poly VVX 601 Diagnostic Telnet Mode os command injection7.2Dec 29, 2023
• CVE-2023-4463Poly CCX 400/CCX 600/Trio 8800/Trio C60 HTTP Header denial of service5.3Dec 29, 2023
• CVE-2023-4462Poly VVX 601 Web Configuration Application random values3.7Dec 29, 2023
• CVE-2023-24282An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 allows attackers to execute arbitrary code via a crafted ringtone file.5.4Mar 8, 2023
• CVE-2022-26481An issue was discovered in Poly Studio before 3.7.0. Command Injection can occur via the CN field of a Create Certificate Signing Request (CSR) action.8.8Jul 17, 2022
• CVE-2022-26482An issue was discovered in Poly EagleEye Director II before 2.2.2.1. os.system command injection can be achieved by an admin.7.2Jul 17, 2022
• CVE-2022-26479An issue was discovered in Poly EagleEye Director II before 2.2.2.1. Existence of a certain file (which can be created via an rsync backdoor) causes all API calls to execute as admin without authen...9.8Jul 17, 2022
• CVE-2018-17875A remote code execution issue in the ping command on Poly Trio 8800 5.7.1.4145 devices allows remote authenticated users to execute commands via unspecified vectors.8.8Dec 28, 2021
• CVE-2021-37145A command-injection vulnerability in an authenticated Telnet connection in Poly (formerly Polycom) CX5500 and CX5100 1.3.5 leads an attacker to Privilege Escalation and Remote Code Execution capabi...7.2Sep 7, 2021