CVSS: 8.3EPSS: 1%CPEs: 59EXPL: 0CVE-2019-12948
https://notcve.org/view.php?id=CVE-2019-12948
29 Jul 2019 — A vulnerability in the web-based management interface of VVX, Trio, SoundStructure, SoundPoint, and SoundStation phones running Polycom UC Software, if exploited, could allow an authenticated, remote attacker with admin privileges to cause a denial of service (DoS) condition or execute arbitrary code. Una vulnerabilidad en la interfaz de administración basada en web de los teléfonos VVX, Trio, SoundStructure, SoundPoint y SoundStation que ejecutan el software Polycom UC, si se explota, podría permitir que u... • https://support.polycom.com/content/dam/polycom-support/global/documentation/remote-code-execution-vulnerability-in-ucs-software-v1-1.pdf • CWE-749: Exposed Dangerous Method or Function •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2006-5233
https://notcve.org/view.php?id=CVE-2006-5233
11 Oct 2006 — Polycom SoundPoint IP 301 VoIP Desktop Phone, firmware version 1.4.1.0040, allows remote attackers to cause a denial of service (reboot) via (1) a long URL sent to the HTTP daemon and (2) unspecified manipulations as demonstrated by the Nessus http_fingerprinting_hmap.nasl script. Polycom SoundPoint IP 301 VoIP Desktop Phone, firmware versión 1.4.1.0040, permite a atacantes remotos provocar una denegación de servicio (reinicio) mediante (1) una URL larga enviada al demonio HTTP y (2) manipulaciones no espec... • http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0090.html •