65 matches found
CVE-2017-14971
Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. The attacker provides a crafted Microsoft Office document containing a link that has a UNC pathname associated with an attacker-controller server. In one specific scenario, the attacker provides an Excel...
Design/Logic Flaw
Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. The attacker provides a crafted Microsoft Office document containing a link that has a UNC pathname associated with an attacker-controller server. In one specific scenario, the attacker provides an Excel...
Authentication flaw
InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by entering Control-Alt-Delete, and then using Task Manager to reach a file...
CVE-2017-14972
InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by entering Control-Alt-Delete, and then using Task Manager to reach a file...
CVE-2017-14971
Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. The attacker provides a crafted Microsoft Office document containing a link that has a UNC pathname associated with an attacker-controller server. In one specific scenario, the attacker provides an Excel...
CVE-2017-14971
Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. The attacker provides a crafted Microsoft Office document containing a link that has a UNC pathname associated with an attacker-controller server. In one specific scenario, the attacker provides an Excel...
CVE-2017-14972
InFocus Mondopad 2.2.08 is affected by CVE-2017-14972, which is an authentication bypass vulnerability. The issue is described as being exploitable by accessing uploaded files after triggering a Control-Alt-Delete sequence and using Task Manager to reach a file. Connected sources (NVD/CNVD entrie...
CVE-2017-14972
InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by entering Control-Alt-Delete, and then using Task Manager to reach a file...
CVE-2017-14971
Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. The attacker delivers a crafted Microsoft Office document containing a link with a UNC pathname pointing to an attacker‑controlled server; in a described scenario, an Excel spreadsheet is used and the attacker‑...
Foxconn OEM Android phone discovered the“Pork Explosion”vulnerability-vulnerability warning-the black bar safety net
Recently, security research experts JonSawyer publicly stated that he in some by the Foxconn OEM manufacturing of Android smartphones found a backdoor, the attacker or by the back door to the root user of Android phone. Prior to that, JohnSawyer ever for the United States Local Governments and la...
InFocus IN3128HD Projector Validates Bypass Vulnerability
The InFocus IN3128HD projector is a projector product used in the education industry. The InFocus IN3128HD firmware version 0.26 fails to properly handle user access, allowing remote attackers to bypass authentication and gain unauthorized access by sending a main.html request...
Vulnerability in InFocus IN3128HD projector
InFocus IN3128HD projector is a projector product for the education industry from InFocus. A security vulnerability exists in the InFocus IN3128HD projector using firmware version 0.26. Because the program fails to restrict access to the cgi-bin/webctrl.cgi.elf file. A remote attacker can exploit...
CVE-2014-8384
The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request...
CVE-2014-8383
The InFocus IN3128HD projector with firmware 0.26 allows remote attackers to bypass authentication via a direct request to main.html...
Authentication flaw
The InFocus IN3128HD projector with firmware 0.26 allows remote attackers to bypass authentication via a direct request to main.html...
CVE-2014-8383
The InFocus IN3128HD projector with firmware 0.26 allows remote attackers to bypass authentication via a direct request to main.html...
Cross site request forgery (csrf)
The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request...
CVE-2014-8384
The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request...
CVE-2014-8383
The InFocus IN3128HD projector with firmware 0.26 allows remote attackers to bypass authentication via a direct request to main.html...
CVE-2014-8384
The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request...