Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2011-2763
HistorySep 02, 2011 - 4:55 p.m.

CVE-2011-2763

2011-09-0216:55:04
CWE-20
[email protected]
web.nvd.nist.gov
24
lifesize
room
appliance
web interface
remote code execution
vulnerability
cve-2011-2763
nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.436 Medium

EPSS

Percentile

97.4%

JSON

The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) and 4.7.18 allows remote attackers to execute arbitrary commands via a modified request to the LSRoom_Remoting.doCommand function in gateway.php.

Affected configurations

NVD
Node
lifesizelifesize_room_appliance
AND
lifesizelifesize_room_appliance_softwareMatch4.7.18
OR
lifesizelifesize_room_appliance_softwareMatchls_rm1_3.5.3

Related

prion 1
cvelist 1
packetstorm 1
exploitdb 1
attackerkb 1
checkpoint_advisories 1
nvd 1
securityvulns 2
cert 1
prion
prion
Design/Logic Flaw
2011-09-02 16:55:00
cvelist
cvelist
CVE-2011-2763
2011-09-02 16:00:00
packetstorm
packetstorm
LifeSize Room 3.5.3 / 4.7.18 Command Injection
2011-08-28 00:00:00
exploitdb
exploitdb
LifeSize Room Command Injection
2011-11-02 00:00:00
attackerkb
attackerkb
CVE-2011-2763
2011-09-02 00:00:00
checkpoint_advisories
checkpoint_advisories
LifeSize Room Security Bypass and Command Injection Vulnerabilities (CVE-2011-2763)
2014-10-26 00:00:00
nvd
nvd
CVE-2011-2763
2011-09-02 16:55:04
securityvulns
securityvulns
LifeSize Room Vulnerabilities
2011-08-30 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2011-08-30 00:00:00
cert
cert
LifeSize Room appliance authentication bypass and arbitrary code injection vulnerability
2011-08-29 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.436 Medium

EPSS

Percentile

97.4%

JSON
Related for CVE-2011-2763
prion1cvelist1packetstorm1exploitdb1attackerkb1checkpoint_advisories1nvd1securityvulns2cert1