CVE-2019-7632
published 2019-02-08CVE-2019-7632: LifeSize Team, Room, Passport, and Networker 220 devices allow Authenticated Remote OS Command Injection, as demonstrated by shell metacharacters in the…
PriorityP260high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
EPSS
6.49%
92.9th percentile
LifeSize Team, Room, Passport, and Networker 220 devices allow Authenticated Remote OS Command Injection, as demonstrated by shell metacharacters in the support/mtusize.php mtu_size parameter. The lifesize default password for the cli account may sometimes be used for authentication.
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for OS command injection via shell metacharacters submitted to the mtu_size parameter of support/mtusize.php on LifeSize devices. ↗
- →Alert on authentication attempts using the default 'cli' account credential on LifeSize Team, Room, Passport, and Networker 220 devices, as this is the known default used to stage the exploit. ↗
- ·Exploitation requires authentication; however, the well-known default credential for the 'cli' account on LifeSize devices may be sufficient to authenticate and trigger the injection. ↗
- ·Affected devices include LifeSize Team, Room, Passport, and Networker 220 — scope should be confirmed before deploying detections. ↗
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
2019-02-08
Published