VDB
CVE-2011-2763
CVE-2011-2763
PUBLISHED
CVSS 7.5 HIGH
The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) and 4.7.18 allows remote attackers to execute arbitrary commands via a modified request to the LSRoom_Remoting.doCommand function in gateway.php.
EPSS 70.73% · 98.7th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
70.73%
98.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| lifesize | lifesize_room_appliance_software | 4.7.18, ls_rm1_3.5.3 |
Timeline
- Aug 26, 2011 CVE Published
- Aug 26, 2011 PoC Published
- May 29, 2018 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Aug 5, 2022 EPSS Score
- Oct 23, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- lifesize-room-command-execution(69444) vdb
- 17743 exploit
- 8527 third-party-advisory
- 49330 vdb
- 20110828 LifeSize Room Vulnerabilities mailing-list
- VU#213486 third-party-advisory
- http://www.securestate.com/Documents/LifeSize_Room_Advisory.txt url
- 8363 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2011-2763 advisory