Lucene search
K

65 matches found

OSV
OSV
added 2017/10/09 5:29 a.m.5 views

CVE-2017-14971

Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. The attacker provides a crafted Microsoft Office document containing a link that has a UNC pathname associated with an attacker-controller server. In one specific scenario, the attacker provides an Excel...

5.5CVSS5.8AI score0.00863EPSS
Exploits1References1
Prion
Prion
added 2017/10/09 5:29 a.m.18 views

Design/Logic Flaw

Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. The attacker provides a crafted Microsoft Office document containing a link that has a UNC pathname associated with an attacker-controller server. In one specific scenario, the attacker provides an Excel...

4.3CVSS5.3AI score0.00863EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2017/10/09 5:29 a.m.19 views

Authentication flaw

InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by entering Control-Alt-Delete, and then using Task Manager to reach a file...

5CVSS7.6AI score0.01305EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2017/10/09 5:29 a.m.4 views

CVE-2017-14972

InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by entering Control-Alt-Delete, and then using Task Manager to reach a file...

7.5CVSS5.8AI score0.01305EPSS
Exploits0References1
NVD
NVD
added 2017/10/09 5:29 a.m.20 views

CVE-2017-14971

Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. The attacker provides a crafted Microsoft Office document containing a link that has a UNC pathname associated with an attacker-controller server. In one specific scenario, the attacker provides an Excel...

5.5CVSS5.3AI score0.00863EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/10/09 5:0 a.m.19 views

CVE-2017-14971

Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. The attacker provides a crafted Microsoft Office document containing a link that has a UNC pathname associated with an attacker-controller server. In one specific scenario, the attacker provides an Excel...

5.3AI score0.00863EPSS
Exploits1References1
CVE
CVE
added 2017/10/09 5:0 a.m.44 views

CVE-2017-14972

InFocus Mondopad 2.2.08 is affected by CVE-2017-14972, which is an authentication bypass vulnerability. The issue is described as being exploitable by accessing uploaded files after triggering a Control-Alt-Delete sequence and using Task Manager to reach a file. Connected sources (NVD/CNVD entrie...

7.5CVSS7.6AI score0.01305EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/10/09 5:0 a.m.22 views

CVE-2017-14972

InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by entering Control-Alt-Delete, and then using Task Manager to reach a file...

7.7AI score0.01305EPSS
Exploits0References1
CVE
CVE
added 2017/10/09 5:0 a.m.50 views

CVE-2017-14971

Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. The attacker delivers a crafted Microsoft Office document containing a link with a UNC pathname pointing to an attacker‑controlled server; in a described scenario, an Excel spreadsheet is used and the attacker‑...

5.5CVSS5.3AI score0.00863EPSS
Exploits1References1Affected Software1
myhack58
myhack58
added 2016/10/24 12:0 a.m.19 views

Foxconn OEM Android phone discovered the“Pork Explosion”vulnerability-vulnerability warning-the black bar safety net

Recently, security research experts JonSawyer publicly stated that he in some by the Foxconn OEM manufacturing of Android smartphones found a backdoor, the attacker or by the back door to the root user of Android phone. Prior to that, JohnSawyer ever for the United States Local Governments and la...

Exploits0
CNVD
CNVD
added 2015/05/20 12:0 a.m.3 views

InFocus IN3128HD Projector Validates Bypass Vulnerability

The InFocus IN3128HD projector is a projector product used in the education industry. The InFocus IN3128HD firmware version 0.26 fails to properly handle user access, allowing remote attackers to bypass authentication and gain unauthorized access by sending a main.html request...

10CVSS7.2AI score0.03092EPSS
Exploits3References1
CNVD
CNVD
added 2015/05/19 12:0 a.m.8 views

Vulnerability in InFocus IN3128HD projector

InFocus IN3128HD projector is a projector product for the education industry from InFocus. A security vulnerability exists in the InFocus IN3128HD projector using firmware version 0.26. Because the program fails to restrict access to the cgi-bin/webctrl.cgi.elf file. A remote attacker can exploit...

9.4CVSS6.9AI score0.03235EPSS
Exploits3References1
NVD
NVD
added 2015/05/18 3:59 p.m.16 views

CVE-2014-8384

The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request...

9.4CVSS6.7AI score0.03235EPSS
Exploits3References3
ATTACKERKB
ATTACKERKB
added 2015/05/18 3:59 p.m.5 views

CVE-2014-8383

The InFocus IN3128HD projector with firmware 0.26 allows remote attackers to bypass authentication via a direct request to main.html...

10CVSS5.6AI score0.03092EPSS
Exploits3References4
Prion
Prion
added 2015/05/18 3:59 p.m.16 views

Authentication flaw

The InFocus IN3128HD projector with firmware 0.26 allows remote attackers to bypass authentication via a direct request to main.html...

10CVSS7.4AI score0.03092EPSS
Exploits3References3Affected Software1
NVD
NVD
added 2015/05/18 3:59 p.m.21 views

CVE-2014-8383

The InFocus IN3128HD projector with firmware 0.26 allows remote attackers to bypass authentication via a direct request to main.html...

10CVSS6.8AI score0.03092EPSS
Exploits3References3
Prion
Prion
added 2015/05/18 3:59 p.m.15 views

Cross site request forgery (csrf)

The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request...

9.4CVSS7.3AI score0.03235EPSS
Exploits3References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2015/05/18 3:59 p.m.3 views

CVE-2014-8384

The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request...

9.4CVSS5.7AI score0.03235EPSS
Exploits3References4
Cvelist
Cvelist
added 2015/05/18 3:0 p.m.32 views

CVE-2014-8383

The InFocus IN3128HD projector with firmware 0.26 allows remote attackers to bypass authentication via a direct request to main.html...

6.8AI score0.03092EPSS
Exploits3References3
Cvelist
Cvelist
added 2015/05/18 3:0 p.m.26 views

CVE-2014-8384

The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request...

6.7AI score0.03235EPSS
Exploits3References3
Rows per page
Query Builder