CVE-2012-6610
published 2020-01-28CVE-2012-6610: Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitrary commands as demonstrated by a…
PriorityP266high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EXPLOIT
EPSS
10.88%
95.3th percentile
Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitrary commands as demonstrated by a ; (semicolon) to the ping command feature.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| polycom | hdx_video_end_points | < 3.0.4 | 3.0.4 |
| polycom | uc_apl | < 2.7.1.j | 2.7.1.j |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect OS command injection via semicolon delimiter in the ping command on Polycom HDX Command Shell (telnet service) ↗
- →Monitor for simultaneous/concurrent telnet connections to Polycom HDX endpoints, which can trigger authentication bypass on the Command Shell service ↗
- →Alert on unauthenticated telnet sessions to Polycom HDX devices running software versions 3.0.5 and earlier ↗
- ·The auth bypass requires simultaneous connections; single sequential connections may not trigger the vulnerability ↗
- ·Command injection (ping semicolon) applies only to versions prior to 3.0.4; the auth bypass affects versions up to and including 3.0.5 ↗
- ·UC APL variant has a different patched version threshold (2.7.1.J) compared to standard HDX endpoints (3.0.4) ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://seclists.org/fulldisclosure/2012/Mar/18https://web.archive.org/web/20130317232013/http://blog.tempest.com.br/joao-paulo-campello/polycom-web-management-interface-os-command-injection.htmlhttp://seclists.org/fulldisclosure/2012/Mar/18https://web.archive.org/web/20130317232013/http://blog.tempest.com.br/joao-paulo-campello/polycom-web-management-interface-os-command-injection.html
2020-01-28
Published