CVE-2023-29930

Published May 10th, 2023

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

An issue was found in Genesys CIC Polycom phone provisioning TFTP Server all version allows a remote attacker to execute arbitrary code via the login crednetials to the TFTP server configuration page.

YSaxon/TFTPlunder

Info and exploit for CVE-2023-29930: blind file read/write in Genesys TFTP provisioning server configuration

GitHub