A potential vulnerability was discovered in certain Poly video conferencing devices. The firmware flaw does not properly sanitize user input. The exploitation of this vulnerability is dependent on a layered attack and cannot be exploited by itself.

The Waybox Enel X web management application contains a PHP-type juggling vulnerability that may allow a brute force process and under certain conditions bypass authentication.

A heap buffer overflow could be triggered by sending a specific packet to TCP port 7700.

Under certain conditions, access to service libraries is granted to account they should not have access to.

Waybox Enel TCF Agent service could be used to get administrator’s privileges over the Waybox system.

Waybox Enel X web management application could be used to execute arbitrary OS commands and provide administrator’s privileges over the Waybox system.

Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/dbstore.php.

Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/versions.php.

Waybox Enel X web management API authentication could be bypassed and provide administrator’s privileges over the Waybox system.

Under certain conditions, through a request directed to the Waybox Enel X web management application, information like Waybox OS version or service configuration details could be obtained.