CVE-2025-0858
5.8
CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N
Summary
A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in certain Poly devices. The firmware flaw does not properly prevent path traversal and could lead to information disclosure.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HP, Inc. | Certain Poly Devices | See HP security bulletin reference for affected versions | affected |
Weaknesses
- CWE-35: CWE-35: Path Traversal: '…/…//'
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.