Vulnerability Details CVE-2022-26481
An issue was discovered in Poly Studio before 3.7.0. Command Injection can occur via the CN field of a Create Certificate Signing Request (CSR) action.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.041
EPSS Ranking 88.0%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2022-26481
-
cpe:2.3:h:poly:g7500:-
-
cpe:2.3:h:poly:studio_x30:-
-
cpe:2.3:h:poly:studio_x50:-
-
cpe:2.3:h:poly:studio_x70:-
-
cpe:2.3:o:poly:g7500_firmware:-
-
cpe:2.3:o:poly:g7500_firmware:3.4.0
-
cpe:2.3:o:poly:g7500_firmware:3.5.0
-
cpe:2.3:o:poly:g7500_firmware:3.6.0
-
cpe:2.3:o:poly:studio_x30_firmware:-
-
cpe:2.3:o:poly:studio_x30_firmware:3.4.0
-
cpe:2.3:o:poly:studio_x30_firmware:3.5.0
-
cpe:2.3:o:poly:studio_x30_firmware:3.6.0
-
cpe:2.3:o:poly:studio_x50_firmware:-
-
cpe:2.3:o:poly:studio_x50_firmware:3.4.0
-
cpe:2.3:o:poly:studio_x50_firmware:3.5.0
-
cpe:2.3:o:poly:studio_x50_firmware:3.6.0
-
cpe:2.3:o:poly:studio_x70_firmware:-
-
cpe:2.3:o:poly:studio_x70_firmware:3.4.0
-
cpe:2.3:o:poly:studio_x70_firmware:3.5.0
-
cpe:2.3:o:poly:studio_x70_firmware:3.6.0