Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allow (1) remote authenticated users to read arbitrary files via a .. (dot dot) in the Modifier parameter to PlcmRmWeb/FileDownload; or remote authenticated administrators to upload arbitrary files via the (2) Filename or (3) SE_FNAME parameter to PlcmRmWeb/FileUpload or to read and remove arbitrary files via the (4) filePathName parameter in an importSipUriReservations SOAP request to PlcmRmWeb/JUserManager.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Polycom RealPresence Resource Manager 路径遍历漏洞
Vulnerability Description
Polycom RealPresence Resource Manager(RPRM)是美国宝利通(Polycom)公司的一套对视频进行管理、监控和控制的应用程序。 Polycom RPRM 8.3.2及之前版本中存在目录遍历漏洞。远程攻击者可借助多种方法利用该漏洞读取、上传或删除任意文件。(多种方法包括:(1)向PlcmRmWeb/FileDownload发送带有‘..’的‘Modifier’参数、(2)向PlcmRmWeb/FileUpload发送‘Filename’或‘SE_FNAME’参数、(3)
CVSS Information
N/A
Vulnerability Type
N/A