The administrative interface on the PolyVision RoomWizard with firmware 3.2.3 places the Sync Connector Active Directory (AD) credentials in a web form that is accessed over HTTP on port 80, which allows remote attackers to obtain sensitive information by reading the HTML source code corresponding ...
6.4AI Score
0.01EPSS
The PolyVision RoomWizard with firmware 3.2.3 has a default password of roomwizard for the administrator account, which makes it easier for remote attackers to obtain console access via an HTTP session, a different vulnerability than CVE-2010-0214.
6.9AI Score
0.027EPSS
7.5CVSS
7.5AI Score
0.006EPSS
RoomWizard before 4.4.x allows remote attackers to obtain potentially sensitive information about IP addresses via /getGroupTimeLineJSON.action.
5.3CVSS
5.1AI Score
0.003EPSS
6.1CVSS
5.9AI Score
0.001EPSS