# Exploit Title: Polycom VVX Web Interface - Privilege Escalation
# Date: 01/26/2017
# Exploit Author: m8r0wn
# Vendor Homepage: http://www.polycom.com/
# Software Link: http://downloads.polycom.com/voice/voip/uc_sw_releases_matrix.html
# Version: Polycom VVX 400/410, Software Version: 5.3.1
# CVE : CVE-2021-41322

# This vulnerability allows under-privileged users to change the "Admin" account password,
# leading to privilege escalation.

1. Login with the "User" account (default pwd: 123).
2. Navigate to: Settings > Change Password.
3. Fill in the "Old Password" field with the current "User" password.
4. Fill in the "New Password" field with the new "Admin" account password, and confirm.
5. Click "Save" and use a web application proxy to modify the request: change "122=" to "120=" in the POST data to associate the new password with the "Admin" account.
6. An error will be shown on screen, but the Admin account password has been changed.
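The root cause in the steps above is a password-change handler that verifies the old password against the logged-in account but writes the new password to whichever account id the POST body names. The following added example (not Polycom's code) models that missing authorization check and the fix: the handler, credential store and session layout are hypothetical, only the field ids 120 (Admin) and 122 (User) come from the advisory.

```python
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs

ADMIN_ID, USER_ID = "120", "122"  # POST field ids named in the advisory; the rest is hypothetical


def _hash(pw: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 100_000)


def make_store() -> dict:
    """Constructed credential store: Admin '456' (sample value), User '123' (default from the advisory)."""
    store = {}
    for acct, pw in ((ADMIN_ID, "456"), (USER_ID, "123")):
        salt = secrets.token_bytes(16)
        store[acct] = (salt, _hash(pw, salt))
    return store


def verify(store: dict, acct: str, pw: str) -> bool:
    salt, digest = store[acct]
    return hmac.compare_digest(_hash(pw, salt), digest)


def change_password_vulnerable(store: dict, session: dict, body: str) -> bool:
    """Old password is checked against the session's account, but the target account
    is taken from the POST body, so '122=' -> '120=' rewrites the Admin credential."""
    form = parse_qs(body)
    target = next((k for k in form if k in (ADMIN_ID, USER_ID)), None)
    if target is None or not verify(store, session["acct"], form["old"][0]):
        return False
    salt = secrets.token_bytes(16)
    store[target] = (salt, _hash(form[target][0], salt))  # writes the *posted* account
    return True


def change_password_fixed(store: dict, session: dict, body: str) -> bool:
    """Target account comes only from the authenticated session; a posted id for any
    other account is simply never consulted, so the request fails closed."""
    form = parse_qs(body)
    target = session["acct"]
    new_pw = form.get(target, [None])[0]  # the field must be the session's own id
    if new_pw is None or not verify(store, target, form["old"][0]):
        return False
    salt = secrets.token_bytes(16)
    store[target] = (salt, _hash(new_pw, salt))
    return True
```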