Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-11355

EPSS 0.53% · P67
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2019-11355

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An issue was discovered in Poly (formerly Polycom) HDX 3.1.13. A feature exists that allows the creation of a server / client certificate, or the upload of the user certificate, on the administrator's page. The value received from the user is the factor value of a shell script on the equipment. By entering a special character (such as a single quote) in a CN or other CSR field, one can insert a command into a factor value. A system command can be executed as root.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Polycom HDX 操作系统命令注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Polycom HDX是美国宝利通(Polycom)公司的一套高清视频会议系统。 Polycom HDX中存在安全漏洞。攻击者可利用该漏洞以root权限执行系统命令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2019-11355

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2019-11355

登录查看更多情报信息。

Same Patch Batch · n/a · 2020-03-12 · 141 CVEs total

CVE-2020-10436Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10419Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10420Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10421Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10422Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10423Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10424Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10425Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10426Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10427Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10428Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10429Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10430Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10431Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10432Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10433Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10434Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10435Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10446Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞
CVE-2020-10448Chadha Software Technologies PHPKB Standard Multi-Language 跨站脚本漏洞

Showing top 20 of 141 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2019-11355

No comments yet

Leave a comment