CVE-2019-7632
published 2019-02-08

CVE-2019-7632: LifeSize Team, Room, Passport, and Networker 220 devices allow Authenticated Remote OS Command Injection, as demonstrated by shell metacharacters in the…

Priority: P260 · high · 8.8 (CVSS 3.0)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 6.49% (92.9th percentile)
LifeSize Team, Room, Passport, and Networker 220 devices allow Authenticated Remote OS Command Injection, as demonstrated by shell metacharacters in the support/mtusize.php mtu_size parameter. The lifesize default password for the cli account may sometimes be used for authentication.

Detection & IOCs (extracted from sources)

path: support/mtusize.php
other: mtu_size
  • Monitor for OS command injection via shell metacharacters submitted to the mtu_size parameter of support/mtusize.php on LifeSize devices.
  • Alert on authentication attempts using the default 'cli' account credential on LifeSize Team, Room, Passport, and Networker 220 devices, as this is the known default used to stage the exploit.
  • Exploitation requires authentication; however, the well-known default credential for the 'cli' account on LifeSize devices may be sufficient to authenticate and trigger the injection.
  • Affected devices include LifeSize Team, Room, Passport, and Networker 220; scope should be confirmed before deploying detections.

CVSS provenance

nvd · v3.0 · 8.8 HIGH · CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd · v2.0 · 9.0 CRITICAL · AV:N/AC:L/Au:S/C:C/I:C/A:C