CVE-2011-2763

Exploit

EPSS 36.12%
Veröffentlicht 02.09.2011 16:55:04
Zuletzt bearbeitet 16.06.2026 23:31:57
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) and 4.7.18 allows remote attackers to execute arbitrary commands via a modified request to the LSRoom_Remoting.doCommand function in gateway.php.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 11

NVD 2 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Lifesize ≫ Lifesize Room Appliance Software Version4.7.18

Lifesize ≫ Lifesize Room Appliance

Lifesize ≫ Lifesize Room Appliance Software Versionls_rm1_3.5.3

Lifesize ≫ Lifesize Room Appliance

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	36.12%	0.983

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.kb.cert.org/vuls/id/213486

US Government Resource

http://www.securestate.com/Documents/LifeSize_Room_Advisory.txt

Exploit

http://www.securityfocus.com/archive/1/519463/100/0/threaded

http://www.securityfocus.com/bid/49330

Exploit

http://securityreason.com/securityalert/8363

http://securityreason.com/securityalert/8527

http://www.exploit-db.com/exploits/17743

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/69444

https://nvd.nist.gov/vuln/detail/CVE-2011-2763

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-2763

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-2763

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2011-2763