CVE-2015-4681

HIGH

Polycom RealPresence Resource Manager < 8.3.2 - Unspecified Impact via Weak Passwords

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-4681. PoCs published by SEC Consult.

AI-analyzed exploit summary This is a detailed security advisory from SEC Consult describing multiple critical vulnerabilities in Polycom RealPresence Resource Manager (RPRM) versions <8.4. It includes proof-of-concept details for unauthorized password disclosure, arbitrary file disclosure, and privilege escalation via sudo misconfiguration.

Description

Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords.

Exploits (1)

exploitdb WRITEUP

by SEC Consult · textwebappshardware

https://www.exploit-db.com/exploits/37449

View Code ZIP pw:eip

This is a detailed security advisory from SEC Consult describing multiple critical vulnerabilities in Polycom RealPresence Resource Manager (RPRM) versions <8.4. It includes proof-of-concept details for unauthorized password disclosure, arbitrary file disclosure, and privilege escalation via sudo misconfiguration.

Classification

Writeup 90%

Attack Type

Info Leak | Auth Bypass | Lpe

Complexity

Moderate

Reliability

Reliable

Target: Polycom RealPresence Resource Manager (RPRM) <8.4

Auth required

Prerequisites: unprivileged authenticated access · valid user token

MITRE ATT&CK