Vulnerabilities (CVE)

Filtered by vendor Poly Subscribe
Filtered by product Eagleeye Director Ii
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-26482 1 Poly 2 Eagleeye Director Ii, Eagleeye Director Ii Firmware 2024-11-21 N/A 7.2 HIGH
An issue was discovered in Poly EagleEye Director II before 2.2.2.1. os.system command injection can be achieved by an admin.
CVE-2022-26479 1 Poly 2 Eagleeye Director Ii, Eagleeye Director Ii Firmware 2024-11-21 N/A 9.8 CRITICAL
An issue was discovered in Poly EagleEye Director II before 2.2.2.1. Existence of a certain file (which can be created via an rsync backdoor) causes all API calls to execute as admin without authentication.