CVE-2018-17875 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	8.8 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 92%

Vendor	Product	Version
poly	trio_8800_firmware	5.4.0.12197
poly	trio_8800_firmware	5.4.0.12541
poly	trio_8800_firmware	5.4.0.12856
poly	trio_8800_firmware	5.4.1.17597
poly	trio_8800_firmware	5.4.2.5400
poly	trio_8800_firmware	5.4.3.2007
poly	trio_8800_firmware	5.4.3.2389
poly	trio_8800_firmware	5.4.3.2400
poly	trio_8800_firmware	5.4.4.7511
poly	trio_8800_firmware	5.4.4.7609
poly	trio_8800_firmware	5.4.4.7776
poly	trio_8800_firmware	5.4.5.9111
poly	trio_8800_firmware	5.4.5.9658
poly	trio_8800_firmware	5.5.2.11338
poly	trio_8800_firmware	5.5.2.11391
poly	trio_8800_firmware	5.5.3.3441
poly	trio_8800_firmware	5.5.3.3517
poly	trio_8800_firmware	5.5.4.2255
poly	trio_8800_firmware	5.7.1.4095
poly	trio_8800_firmware	5.7.1.4133
poly	trio_8800_firmware	5.7.1.4145

𝑥

= Vulnerable software versions

Known Exploits!

References

http://unkl4b.github.io/Authenticated-RCE-in-Polycom-Trio-8800-pt-1/

https://support.polycom.com/content/support/emea/emea/en/support/voice/polycom-trio/polycom-trio-8800.html

http://unkl4b.github.io/Authenticated-RCE-in-Polycom-Trio-8800-pt-1/

https://support.polycom.com/content/support/emea/emea/en/support/voice/polycom-trio/polycom-trio-8800.html