Vulnerability Details CVE-2018-17875
A remote code execution issue in the ping command on Poly Trio 8800 5.7.1.4145 devices allows remote authenticated users to execute commands via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.096
EPSS Ranking 92.5%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
- http://unkl4b.github.io/Authenticated-RCE-in-Polycom-Trio-8800-pt-1/
- https://support.polycom.com/content/support/emea/emea/en/support/voice/polycom-trio/polycom-trio-8800.html
- http://unkl4b.github.io/Authenticated-RCE-in-Polycom-Trio-8800-pt-1/
- https://support.polycom.com/content/support/emea/emea/en/support/voice/polycom-trio/polycom-trio-8800.html
Products affected by CVE-2018-17875
-
cpe:2.3:h:poly:trio_8800:-
-
cpe:2.3:o:poly:trio_8800_firmware:5.4.0.12197
-
cpe:2.3:o:poly:trio_8800_firmware:5.4.0.12541
-
cpe:2.3:o:poly:trio_8800_firmware:5.4.0.12856
-
cpe:2.3:o:poly:trio_8800_firmware:5.4.1.17597
-
cpe:2.3:o:poly:trio_8800_firmware:5.4.2.5400
-
cpe:2.3:o:poly:trio_8800_firmware:5.4.3.2007
-
cpe:2.3:o:poly:trio_8800_firmware:5.4.3.2389
-
cpe:2.3:o:poly:trio_8800_firmware:5.4.3.2400
-
cpe:2.3:o:poly:trio_8800_firmware:5.4.4.7511
-
cpe:2.3:o:poly:trio_8800_firmware:5.4.4.7609
-
cpe:2.3:o:poly:trio_8800_firmware:5.4.4.7776
-
cpe:2.3:o:poly:trio_8800_firmware:5.4.5.9111
-
cpe:2.3:o:poly:trio_8800_firmware:5.4.5.9658
-
cpe:2.3:o:poly:trio_8800_firmware:5.5.2.11338
-
cpe:2.3:o:poly:trio_8800_firmware:5.5.2.11391
-
cpe:2.3:o:poly:trio_8800_firmware:5.5.3.3441
-
cpe:2.3:o:poly:trio_8800_firmware:5.5.3.3517
-
cpe:2.3:o:poly:trio_8800_firmware:5.5.4.2255
-
cpe:2.3:o:poly:trio_8800_firmware:5.7.1.4095
-
cpe:2.3:o:poly:trio_8800_firmware:5.7.1.4133
-
cpe:2.3:o:poly:trio_8800_firmware:5.7.1.4145