An issue was discovered in Poly Studio before 3.7.0. Command Injection can occur via the CN field of a Create Certificate Signing Request (CSR) action.
References
Link | Resource |
---|---|
https://sec-consult.com/vulnerability-lab/advisory/authenticated-command-injection-in-poly-studio/ | Exploit Third Party Advisory |
https://www.poly.com/us/en/support/security-center | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-07-17T22:11:00
Updated: 2022-07-17T22:11:00
Reserved: 2022-03-04T00:00:00
Link: CVE-2022-26481
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-07-17T23:15:08.443
Modified: 2022-07-21T22:46:13.137
Link: CVE-2022-26481
JSON object: View
Redhat Information
No data.
CWE