CVE-2021-40350

webctrl.cgi.elf on Christie Digital DWU850-GS V06.46 devices allows attackers to perform any desired action via a crafted query containing an unspecified Cookie header. Authentication bypass can be achieved by including an administrative cookie that the device does not validate...

Authentication flaw

webctrl.cgi.elf on Christie Digital DWU850-GS V06.46 devices allows attackers to perform any desired action via a crafted query containing an unspecified Cookie header. Authentication bypass can be achieved by including an administrative cookie that the device does not validate...

CVE-2021-40350

CVE-2021-40350 affects Christie Digital DWU850-GS devices (firmware V06.46) via webctrl.cgi.elf. A crafted query with an unspecified Cookie header can bypass authentication, allowing an attacker to perform arbitrary actions. The root cause is an authentication bypass through cookie handling, with...

Christie Digital DWU850-GS 授权问题漏洞

The Christie Digital DWU850-GS is a laser projector from Christie. A security vulnerability in webctrl.cgi.elf in the firmware of the Christie Digital DWU850-GS version V06.46 can be exploited by an attacker to perform any desired action via a specially crafted query containing an unspecified...