Summary
Multiple Polycom products are prone to a directory-traversal vulnerability and a command-injection vulnerability because they fail to sufficiently sanitize user-supplied input.
Remote attackers can use a specially crafted request containing directory-traversal sequences ('../') to retrieve arbitrary files in the context of the application. Attackers can also execute arbitrary commands with the privileges of the user running the application.
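As an added illustration of the flaw class described above (example code, not from the advisory or from Polycom), the following Python places a path resolver that trusts the request path beside a hardened one, and runs a detection pass over constructed web-server log lines that flags requests whose path would escape the document root. WEB_ROOT, the log lines and the function names are assumptions made for this example.

```python
import posixpath
import re
from typing import List, Optional
from urllib.parse import unquote

# Constructed document root for this example; not a real Polycom path.
WEB_ROOT = "/srv/webui/docs"


def resolve_vulnerable(user_path: str) -> str:
    # Trusts the request path as-is, so "../../../etc/passwd" walks out of WEB_ROOT.
    return posixpath.normpath(posixpath.join(WEB_ROOT, user_path))


def resolve_hardened(user_path: str) -> Optional[str]:
    """Return the on-disk path, or None if the request escapes WEB_ROOT."""
    # Decode until stable so %2e%2e and double-encoded %252e%252e are both seen as "..".
    decoded = user_path
    for _ in range(3):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    # NUL bytes truncate C strings; backslashes act as separators on some servers.
    if "\x00" in decoded or "\\" in decoded:
        return None
    # Treat every request as relative to the root, then normalise away "." and "..".
    candidate = posixpath.normpath(posixpath.join(WEB_ROOT, decoded.lstrip("/")))
    # Containment check on the normalised result, not on the raw input.
    if candidate != WEB_ROOT and not candidate.startswith(WEB_ROOT + "/"):
        return None
    return candidate


# Constructed access-log lines (combined log format) for the detection pass.
LOG_LINES = [
    '10.0.0.5 - - [05/Mar/2012:10:01:22 +0000] "GET /manual/index.html HTTP/1.1" 200 812',
    '10.0.0.9 - - [05/Mar/2012:10:01:23 +0000] "GET /%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1" 200 1406',
    '10.0.0.9 - - [05/Mar/2012:10:01:24 +0000] "GET /%252e%252e/%252e%252e/etc/shadow HTTP/1.1" 404 0',
]


def flag_traversal_requests(lines: List[str]) -> List[str]:
    """Return the log lines whose request path would escape WEB_ROOT."""
    hits = []
    for line in lines:
        m = re.search(r'"(?:GET|POST|HEAD) (\S+) HTTP/', line)
        if m and resolve_hardened(m.group(1)) is None:
            hits.append(line)
    return hits
```

The same containment check serves both as the fix in the file-serving handler and as a triage filter over historical access logs when assessing exposure.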
Solution
Updates are available. Please see the references for more information.
References
- http://blog.tempest.com.br/joao-paulo-campello/path-traversal-on-polycom-web-management-interface.html
- http://blog.tempest.com.br/joao-paulo-campello/polycom-web-management-interface-os-command-injection.html
- http://seclists.org/fulldisclosure/2012/Mar/18?utm_source=twitterfeed&utm_medium=twitter
- http://www.polycom.com/
- http://www.securityfocus.com/bid/52301
Updated on 2015-03-25
Severity
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P