LifeSize Room Security Bypass and Command Injection Vulnerabilities

LifeSize Room Security Bypass and Command Injection Vulnerabilities

LifeSize Room is prone to a security-bypass vulnerability and a command-injection vulnerability.

Exploiting these issues could allow an attacker to bypass authentication or execute arbitrary commands in the context of the application.

LifeSize Room versions 3.5.3 and 4.7.18 are affected; other versions may also be vulnerable.