Lucene search
+L

104 matches found

packetstorm
packetstorm
added 2020/11/20 12:0 a.m.827 views

Barco wePresent Hardcoded API Credentials

KL-001-2020-004 : Barco wePresent Hardcoded API Credentials Title: Barco wePresent Hardcoded API Credentials Advisory ID: KL-001-2020-004 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-004.txt 1. Vulnerability Details Affected Vendor: Barco...

8.1AI score0.01543EPSS
Exploits7
packetstorm
packetstorm
added 2020/11/20 12:0 a.m.729 views

Barco wePresent Admin Credential Exposure

KL-001-2020-005 : Barco wePresent Admin Credentials Exposed In Plain-text Title: Barco wePresent Admin Credentials Exposed In Plain-text Advisory ID: KL-001-2020-005 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-005.txt 1. Vulnerability Detai...

8.1AI score0.01543EPSS
Exploits8
korelogic
korelogic
added 2020/11/20 12:0 a.m.202 views

Barco wePresent Undocumented SSH Interface Accessible Via Web UI

Vulnerability Details Affected Vendor: Barco Affected Product: wePresent WiPG-1600W Affected Version: 2.5.1.8 Platform: Embedded Linux CWE Classification: CWE-284: Improper Access Control CVE ID: CVE-2020-28331 2. Vulnerability Description The Barco wePresent device has an SSH daemon included in...

7.5CVSS8.4AI score0.01673EPSS
Exploits6Affected Software1
packetstorm
packetstorm
added 2020/11/20 12:0 a.m.871 views

Barco wePresent Undocumented SSH Interface

KL-001-2020-007 : Barco wePresent Undocumented SSH Interface Accessible Via Web UI Title: Barco wePresent Undocumented SSH Interface Accessible Via Web UI Advisory ID: KL-001-2020-007 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-007.txt 1...

0.1AI score0.01673EPSS
Exploits6
packetstorm
packetstorm
added 2020/11/20 12:0 a.m.716 views

Barco wePresent Global Hardcoded Root SSH Password

KL-001-2020-008 : Barco wePresent Global Hardcoded Root SSH Password Title: Barco wePresent Global Hardcoded Root SSH Password Advisory ID: KL-001-2020-008 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-008.txt 1. Vulnerability Details Affecte...

8.1AI score0.04708EPSS
Exploits13
korelogic
korelogic
added 2020/11/20 12:0 a.m.114 views

Barco wePresent Admin Credentials Exposed In Plain-text

Vulnerability Details Affected Vendor: Barco Affected Product: wePresent WiPG-1600W Affected Version: 2.5.1.8 Platform: Embedded Linux CWE Classification: CWE-523: Unprotected Transport of Credentials CVE ID: CVE-2020-28330 2. Vulnerability Description An attacker armed with hardcoded API...

9.8CVSS7.8AI score0.01543EPSS
Exploits8Affected Software1
cnnvd
cnnvd
added 2020/11/20 12:0 a.m.9 views

Barco wePresent WiPG-1600W Trust Management Issue Vulnerability

The Barco Barco wePresent WiPG-1600W is a management device for use in conference environments from Barco Belgium. A security vulnerability exists in the Barco wePresent WiPG-1600W that stems from the inclusion of a hard-coded API account and password that can be discovered by examining the...

9.8CVSS6.9AI score0.01543EPSS
Exploits7References3
korelogic
korelogic
added 2020/11/20 12:0 a.m.80 views

Barco wePresent Insecure Firmware Image

Vulnerability Details Affected Vendor: Barco Affected Product: wePresent WiPG-1600W Affected Version: 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19 Platform: Embedded Linux CWE Classification: CWE-494: Download of Code Without Integrity Check CVE ID: CVE-2020-28332 2. Vulnerability Description The Barco...

9.8CVSS8.5AI score0.01079EPSS
Exploits3Affected Software1
cnnvd
cnnvd
added 2020/11/20 12:0 a.m.9 views

Barco wePresent WiPG-1600W 信任管理问题漏洞

The Barco wePresent WiPG-1600W is a management device for conference environments from Barco Belgium. A security vulnerability exists in Barco wePresent WiPG-1600W versions 2.5.1.8, 2.5.0.25, 2.5.0.24, and 2.4.1.19, which stems from the inclusion of a hard-coded root password hash in the firmware...

10CVSS7.3AI score0.04708EPSS
Exploits3References4
packetstorm
packetstorm
added 2020/11/20 12:0 a.m.758 views

Barco wePresent Authentication Bypass

KL-001-2020-006 : Barco wePresent Authentication Bypass Title: Barco wePresent Authentication Bypass Advisory ID: KL-001-2020-006 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-006.txt 1. Vulnerability Details Affected Vendor: Barco Affected...

0.2AI score0.032EPSS
Exploits2
cnnvd
cnnvd
added 2020/11/20 12:0 a.m.10 views

Barco wePresent WiPG-1600W Security Vulnerability

Barco Barco wePresent WiPG-1600W is a management appliance for conference environments from Barco Belgium. A security vulnerability exists in Barco wePresent WiPG-1600W 2.5.1.8 that stems from the inclusion of an SSH daemon. By default, the SSH daemon is disabled and is not started at system boot...

7.5CVSS7.2AI score0.01673EPSS
Exploits6References4
korelogic
korelogic
added 2020/11/20 12:0 a.m.79 views

Barco wePresent Authentication Bypass

Vulnerability Details Affected Vendor: Barco Affected Product: wePresent WiPG-1600W Affected Version: 2.5.1.8 Platform: Embedded Linux CWE Classification: CWE-288: Authentication Bypass Using an Alternate Path or Channel CVE ID: CVE-2020-28333 2. Vulnerability Description The Barco wePresent web...

9.8CVSS8.8AI score0.032EPSS
Exploits2Affected Software1
packetstorm
packetstorm
added 2020/11/20 12:0 a.m.786 views

Barco wePresent Insecure Firmware Image

KL-001-2020-009 : Barco wePresent Insecure Firmware Image Title: Barco wePresent Insecure Firmware Image Advisory ID: KL-001-2020-009 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-009.txt 1. Vulnerability Details Affected Vendor: Barco Affect...

8.7AI score0.01673EPSS
Exploits7
korelogic
korelogic
added 2020/11/20 12:0 a.m.131 views

Barco wePresent Global Hardcoded Root SSH Password

Vulnerability Details Affected Vendor: Barco Affected Product: wePresent WiPG-1600W Affected Version: 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19 Platform: Embedded Linux CWE Classification: CWE-798: Use of Hard-coded Credentials CVE ID: CVE-2020-28334 2. Vulnerability Description The Barco wePresent...

10CVSS7.9AI score0.04708EPSS
Exploits10Affected Software1
korelogic
korelogic
added 2020/11/20 12:0 a.m.113 views

Barco wePresent Hardcoded API Credentials

Vulnerability Details Affected Vendor: Barco Affected Product: wePresent WiPG-1600W Affected Version: 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19 Platform: Embedded Linux CWE Classification: CWE-798: Use of Hard-coded Credentials CVE ID: CVE-2020-28329 2. Vulnerability Description Barco wePresent...

9.8CVSS7.8AI score0.01543EPSS
Exploits7Affected Software1
exploitdb
exploitdb
added 2020/01/15 12:0 a.m.462 views

Barco WePresent - file_transfer.cgi Command Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Barco WePresent filetransfer.cgi Command Injection", 'Description' = %q This module exploits an unauthenticated remote command injection...

10CVSS7AI score0.98952EPSS
Exploits10
packetstorm
packetstorm
added 2020/01/14 12:0 a.m.117 views

Barco WePresent file_transfer.cgi Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Barco WePresent filetransfer.cgi Command Injection", 'Description' = %q This module exploits an unauthenticated remote command injection...

10CVSS9.6AI score0.98952EPSS
Exploits10
metasploit
metasploit
added 2020/01/09 1:3 p.m.44 views

Barco WePresent file_transfer.cgi Command Injection

This module exploits an unauthenticated remote command injection vulnerability found in Barco WePresent and related OEM'ed products. The vulnerability is triggered via an HTTP POST request to the filetransfer.cgi endpoint. This module requires Metasploit: https://metasploit.com/download Current...

9.8CVSS0.3AI score0.98952EPSS
Exploits10
zdt
zdt
added 2019/09/06 12:0 a.m.67 views

AwindInc SNMP Service - Command Injection Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AwindInc SNMP Service Command Injection", 'Description' = %q This module exploits a vulnerability found in AwindInc and OEM'ed products where...

7.2CVSS0.6AI score0.71963EPSS
Exploits5
packetstorm
packetstorm
added 2019/09/04 12:0 a.m.245 views

AwindInc SNMP Service Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AwindInc SNMP Service Command Injection", 'Description' = %q This module exploits a vulnerability found in AwindInc and OEM'ed products where...

6.5CVSS0.2AI score0.71963EPSS
Exploits5
Rows per page
Query Builder