Description
An issue was discovered in Poly (formerly Polycom) HDX 3.1.13. A feature exists that allows the creation of a server / client certificate, or the upload of the user certificate, on the administrator's page. The value received from the user is the factor value of a shell script on the equipment. By entering a special character (such as a single quote) in a CN or other CSR field, one can insert a command into a factor value. A system command can be executed as root.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://support.polycom.com/content/dam/polycom-support/global/documentation/hdx-3-1-14-advisory.pdf
Scores
CVSS v3
7.2
EPSS
0.0108
EPSS Percentile
60.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-78
Status
published
Products (1)
polycom/hdx_system_software
< 3.1.13
Published
Mar 12, 2020
Tracked Since
Feb 18, 2026