Vulnerability Details CVE-2022-26482
An issue was discovered in Poly EagleEye Director II before 2.2.2.1. os.system command injection can be achieved by an admin.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.261
EPSS Ranking 96.1%
CVSS Severity
CVSS v3 Score 7.2
References
- https://sec-consult.com/de/vulnerability-lab/advisory/poly-eagleeye-director-ii-kritische-schwachstellen/
- https://sec-consult.com/vulnerability-lab/advisory/critical-vulnerabilities-poly-eagleeye-director-ii/
- https://www.poly.com/us/en/support/security-center
- https://sec-consult.com/de/vulnerability-lab/advisory/poly-eagleeye-director-ii-kritische-schwachstellen/
- https://sec-consult.com/vulnerability-lab/advisory/critical-vulnerabilities-poly-eagleeye-director-ii/
- https://www.poly.com/us/en/support/security-center
Products affected by CVE-2022-26482
-
cpe:2.3:h:poly:eagleeye_director_ii:-
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:-
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:1.0.0
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:1.1.0
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:1.1.0.23
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:1.1.0.29
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:2.0.0
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:2.1.0.5
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:2.2
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:2.2.0.43
-
cpe:2.3:o:poly:eagleeye_director_ii_firmware:2.2.1.1