CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
An issue was discovered in Poly EagleEye Director II before 2.2.2.1. os.system command injection can be achieved by an admin. |
1Poly 1Eagleeye Director Ii Firmware Nov 21, 2024 Jul 17, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue was discovered in Poly EagleEye Director II before 2.2.2.1. Existence of a certain file (which can be created via an rsync backdoor) causes all API calls to execute as admin without authentication. |