Lucene search
HistoryMay 18, 2015 - 3:59 p.m.
CVE-2014-8384
CVSS2
9.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:C/A:C
AI Score
6.7
Confidence
Low
EPSS
0.01
Percentile
83.7%
The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request.
Affected configurations
Node
infocusin3128hd_firmwareMatch0.26
infocusin3128hdMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| infocus | in3128hd_firmware | 0.26 | cpe:2.3:o:infocus:in3128hd_firmware:0.26:*:*:*:*:*:*:* |
| infocus | in3128hd | - | cpe:2.3:h:infocus:in3128hd:-:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2014-8384
2015-05-18 15:59:01
prion
prion
Cross site request forgery (csrf)
2015-05-18 15:59:00
cvelist
cvelist
CVE-2014-8384
2015-05-18 15:00:00
packetstorm
packetstorm
InFocus IN3128HD Projector Missing Authentication
2015-04-28 00:00:00
coresecurity
coresecurity
InFocus IN3128HD Projector Multiple Vulnerabilities
2015-04-27 00:00:00
zdt
zdt
InFocus IN3128HD Projector Missing Authentication Vulnerability
2015-04-28 00:00:00
securityvulns
securityvulns
InFocus projectors authentication bypass
2015-05-11 00:00:00
[CORE-2015-0008] - InFocus IN3128HD Projector Multiple Vulnerabilities
2015-05-11 00:00:00
CVSS2
9.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:C/A:C
AI Score
6.7
Confidence
Low
EPSS
0.01
Percentile
83.7%
Related for NVD:CVE-2014-8384