CVSS: 10.0EPSS: 1%CPEs: 12EXPL: 2CVE-2012-6611
https://notcve.org/view.php?id=CVE-2012-6611
10 Feb 2020 — An issue was discovered in Polycom Web Management Interface G3/HDX 8000 HD with Durango 2.6.0 4740 software and embedded Polycom Linux Development Platform 2.14.g3. It has a blank administrative password by default, and can be successfully used without setting this password. Se detectó un problema en Polycom Web Management Interface G3/HDX 8000 HD con el software Durango versión 2.6.0 4740 y la plataforma de desarrollo Polycom Linux 2.14.g3 integrada. Tiene una contraseña administrativa en blanco de forma p... • https://web.archive.org/web/20130320033016/http://blog.tempest.com.br/joao-paulo-campello/path-traversal-on-polycom-web-management-interface.html • CWE-798: Use of Hard-coded Credentials •
CVSS: 6.1EPSS: 0%CPEs: 37EXPL: 0CVE-2012-4970 – Polycom HDX Video End Points Cross Site Scripting
https://notcve.org/view.php?id=CVE-2012-4970
28 Dec 2012 — Cross-site scripting (XSS) vulnerability in the web management interface on Polycom HDX Video End Points with UC APL software before 2.7.1.1_J, and commercial software before 3.0.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en la interfaz de administración web de Polycom HDX Video End Points con software UC APL antes de v2.7.1.1_J y software comercial antes de v3.0.5, permite a atacan... • http://archives.neohapsis.com/archives/bugtraq/2012-12/0146.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •