← Back

Lifesize

lifesize

5 CVEs • 20 products

Products (20)

Click to collapse
Toggle
Lifesize Room Appliance Software
lifesize_room_appliance_software
2 CVEs
Team 220 Firmware
team_220_firmware
1 CVE
Passport 220 Firmware
passport_220_firmware
1 CVE
Networker 220 Firmware
networker_220_firmware
1 CVE
Room 220 Firmware
room_220_firmware
1 CVE
Icon 300 Firmware
icon_300_firmware
1 CVE
Icon 500 Firmware
icon_500_firmware
1 CVE
Icon 700 Firmware
icon_700_firmware
1 CVE
Express 220 Firmware
express_220_firmware
1 CVE
Room 220i Firmware
room_220i_firmware
1 CVE
Lifesize Room Appliance
lifesize_room_appliance
0 CVEs
Team 220
team_220
0 CVEs
Passport 220
passport_220
0 CVEs
Networker 220
networker_220
0 CVEs
Room 220
room_220
0 CVEs
Icon 300
icon_300
0 CVEs
Icon 500
icon_500
0 CVEs
Icon 700
icon_700
0 CVEs
Express 220
express_220
0 CVEs
Room 220i
room_220i
0 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-17981
1Lifesize
2Express 220 Firmware
Room 220i Firmware
Nov 21, 2024
Jan 22, 2020
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Lifesize Express ls ex2_4.7.10 2000 (14) devices allow XSS via the interface/interface.php brand parameter.
CVE-2019-3702
1Lifesize
3Icon 300 Firmware
Icon 500 FirmwareIcon 700 Firmware
Nov 21, 2024
May 13, 2019
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A Remote Code Execution issue in the DNS Query Web UI in Lifesize Icon LS_RM3_3.7.0 (2421) allows remote authenticated attackers to execute arbitrary commands via a crafted DNS Query address field in a JSON API request.
CVE-2019-7632
1Lifesize
4Networker 220 Firmware
Passport 220 FirmwareRoom 220 Firmware+1 more
Nov 21, 2024
Feb 8, 2019
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
LifeSize Team, Room, Passport, and Networker 220 devices allow Authenticated Remote OS Command Injection, as demonstrated by shell metacharacters in the support/mtusize.php mtu_size parameter. The lifesize default passwo...Show more
LifeSize Team, Room, Passport, and Networker 220 devices allow Authenticated Remote OS Command Injection, as demonstrated by shell metacharacters in the support/mtusize.php mtu_size parameter. The lifesize default password for the cli account may sometimes be used for authentication.Show less
CVE-2011-2763
1Lifesize
1Lifesize Room Appliance Software
Apr 29, 2026
Sep 2, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) and 4.7.18 allows remote attackers to execute arbitrary commands via a modified request to the LSRoom_Remoting.doCommand function in gateway.php.
CVE-2011-2762
1Lifesize
1Lifesize Room Appliance Software
Apr 29, 2026
Sep 2, 2011
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) allows remote attackers to bypass authentication via unspecified data associated with a "true" authentication status, related to AMF data and the LSRoom_...Show more
The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) allows remote attackers to bypass authentication via unspecified data associated with a "true" authentication status, related to AMF data and the LSRoom_Remoting.authenticate function in gateway.php.Show less