CVE-2025-34093
BaseFortify
Publication date: 2025-07-10
Last updated on: 2025-07-15
Assigner: VulnCheck
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| polycom | hdx_series | * |
| polycom | hdx_series | 3.1.11 |
| polycom | hdx_series | 3.0.5 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an authenticated command injection in the Polycom HDX Series command shell interface accessible over Telnet. Specifically, the 'lan traceroute' command in the devcmds console accepts unsanitized input, allowing an attacker to inject shell metacharacters and execute arbitrary system commands remotely with root privileges. This occurs when Telnet access is enabled and either unauthenticated access is allowed or valid credentials are known.
How can this vulnerability impact me?
An attacker exploiting this vulnerability can execute arbitrary commands on the affected system with root privileges, potentially leading to full system compromise, unauthorized access to sensitive data, disruption of services, or further attacks within the network.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking if Telnet access is enabled on your Polycom HDX Series devices and verifying if the 'lan traceroute' command in the devcmds console is accessible. Since the vulnerability involves command injection via the traceroute interface, monitoring for unusual traceroute command usage or unexpected system command executions in logs may help. Specific commands to test or detect the vulnerability are not provided in the available information.
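One way to implement the log monitoring described above, as an added example that is not part of the original page or of any vendor tooling: it flags every 'lan traceroute' command whose argument is anything other than a single IP address or hostname. The log line format, the sample lines and the function names are assumptions constructed for illustration; adapt the parsing to whatever captures Telnet session commands in your environment.

```python
import ipaddress
import re

# One DNS label: letters, digits and inner hyphens, at most 63 characters.
LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
HOSTNAME = re.compile(rf"^(?=.{{1,253}}$){LABEL}(?:\.{LABEL})*$")
# The command named in the advisory; everything after it is the argument.
TRACEROUTE = re.compile(r"\blan\s+traceroute\b(.*)$", re.IGNORECASE)

def is_plain_target(arg):
    """True only if arg is exactly one IP address or one hostname."""
    try:
        ipaddress.ip_address(arg)
        return True
    except ValueError:
        return bool(HOSTNAME.match(arg))

def audit_session_log(lines):
    """Return (line_number, argument) for each 'lan traceroute' command
    whose argument is not a plain target (allowlist, not a blocklist)."""
    findings = []
    for number, line in enumerate(lines, start=1):
        match = TRACEROUTE.search(line)
        if not match:
            continue
        argument = match.group(1).strip()
        # A bare command with no argument carries no injected input.
        if argument and not is_plain_target(argument):
            findings.append((number, argument))
    return findings

# Constructed sample lines; the log format is an assumption, not device output.
SAMPLE_LOG = [
    "2025-07-11T09:14:02Z 10.20.0.5 telnet cmd: lan traceroute 10.20.0.1",
    "2025-07-11T09:14:40Z 10.20.0.5 telnet cmd: lan traceroute conf-bridge.example.net",
    "2025-07-11T09:15:13Z 10.20.0.9 telnet cmd: lan traceroute 10.20.0.1;uname -a",
    "2025-07-11T09:15:50Z 10.20.0.9 telnet cmd: lan traceroute 10.20.0.1 | id",
    "2025-07-11T09:16:05Z 10.20.0.5 telnet cmd: lan ping 10.20.0.1",
    "2025-07-11T09:16:30Z 10.20.0.5 telnet cmd: lan traceroute",
]

if __name__ == "__main__":
    for number, argument in audit_session_log(SAMPLE_LOG):
        print(f"line {number}: suspicious traceroute argument {argument!r}")
```

Validating the argument against an allowlist of what a traceroute target can be catches any extra tokens or shell metacharacters without having to enumerate them.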
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling Telnet access on affected Polycom HDX Series devices if it is not required, restricting Telnet access to trusted users only, and ensuring strong authentication credentials are used to prevent unauthorized access. Avoid using the vulnerable 'lan traceroute' command in the devcmds console until a patch or fix is applied.