Vulnerabilities > Lifesize

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-22	CVE-2018-17981	Cross-site Scripting vulnerability in Lifesize Express 220 Firmware and Room 220I Firmware Lifesize Express ls ex2_4.7.10 2000 (14) devices allow XSS via the interface/interface.php brand parameter. network low complexity lifesize CWE-79	6.1
2019-05-13	CVE-2019-3702	OS Command Injection vulnerability in Lifesize products A Remote Code Execution issue in the DNS Query Web UI in Lifesize Icon LS_RM3_3.7.0 (2421) allows remote authenticated attackers to execute arbitrary commands via a crafted DNS Query address field in a JSON API request. network low complexity lifesize CWE-78	8.8
2019-02-08	CVE-2019-7632	OS Command Injection vulnerability in Lifesize products LifeSize Team, Room, Passport, and Networker 220 devices allow Authenticated Remote OS Command Injection, as demonstrated by shell metacharacters in the support/mtusize.php mtu_size parameter. network low complexity lifesize CWE-78	8.8

Vulnerabilities > Lifesize {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Lifesize"}]}