CVE-2025-0858 | THREATINT

Description

A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in certain Poly devices. The firmware flaw does not properly prevent path traversal and could lead to information disclosure.

PUBLISHED Reserved 2025-01-29 | Published 2025-02-05 | Updated 2025-03-27 | Assigner hp

MEDIUM: 5.8CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N

Problem types

CWE-35: Path Traversal: '.../...//'

Product status

Default status

unaffected

See HP security bulletin reference for affected versions

affected

References

support.hp.com/...ument/ish_11926124-11926148-16/hpsbpy03996

cve.org (CVE-2025-0858)

nvd.nist.gov (CVE-2025-0858)