CNNVD-202507-1533 Information
CNNVD ID
CNNVD-202507-1533
Related CVE
- CNNVD Published: 2025-07-10
Description (Chinese)
Polycom HDX Series是美国Polycom公司的一系列高清视频会议系统。 Polycom HDX Series存在操作系统命令注入漏洞,该漏洞源于devcmds控制台中的命令注入问题,可能导致远程代码执行。
Description (English)
Polycom HDX Series is a series of high-resolution videoconferencing systems of Polycom, a United States company. Polycom HDX Series has an operational system command leak, which stems from a command injection problem in the devcmds console, which may lead to remote code execution.
Hazard Level
Medium
Vulnerability Type
操作系统命令注入
Affected Vendor
宝利通
Published
2025-07-10
Last Modified
2026-02-24
References
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/misc/polycom_hdx_traceroute_exec.rb https://www.exploit-db.com/exploits/24494 https://vulncheck.com/advisories/polycom-hdx-series-telnet-rce http://support.polycom.com/content/dam/polycom-support/global/documentation/securityadvisory-remotecodeexecutionon-hdx-v0.3-hotfix-release.pdf https://web.archive.org/web/20200312205144/ https://staaldraad.github.io/2017/11/12/polycom-hdx-rce/ https://nvd.nist.gov/vuln/detail/CVE-2025-34093
Patch
https://support.hp.com/us-en/poly
Share on: