Vulnerability Details CVE-2022-26482
An issue was discovered in Poly EagleEye Director II before 2.2.2.1. os.system command injection can be achieved by an admin.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.596
EPSS Ranking 98.1%
CVSS Severity
CVSS v3 Score 7.2
References
- https://sec-consult.com/de/vulnerability-lab/advisory/poly-eagleeye-director-ii-kritische-schwachstellen/
- https://sec-consult.com/vulnerability-lab/advisory/critical-vulnerabilities-poly-eagleeye-director-ii/
- https://www.poly.com/us/en/support/security-center
- https://sec-consult.com/de/vulnerability-lab/advisory/poly-eagleeye-director-ii-kritische-schwachstellen/
- https://sec-consult.com/vulnerability-lab/advisory/critical-vulnerabilities-poly-eagleeye-director-ii/
- https://www.poly.com/us/en/support/security-center
Products affected by CVE-2022-26482
-
cpe:2.3:h:poly:eagleeye_director_ii:-
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:-
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:1.0.0
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:1.1.0
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:1.1.0.23
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:1.1.0.29
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:2.0.0
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:2.1.0.5
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:2.2
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:2.2.0.43
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:2.2.1.1