Wepresent Wipg-1600w Firmware Security Vulnerabilities and Issues — Wepresent Wipg-1600w Firmware CVE List

Lucene search

BarcoWepresent Wipg-1600w Firmware

3 matches found

CVE•added 2020/11/24 7:15 p.m.•87 views

CVE-2020-28333

Barco wePresent WiPG-1600W devices allow Authentication Bypass. Affected Version(s): 2.5.1.8. The Barco wePresent WiPG-1600W web interface does not use session cookies for tracking authenticated sessions. Instead, the web interface uses a "SEID" token that is appended to the end of URLs in GET requ...

9.8CVSS9.2AI score0.01449EPSS

CVE•added 2020/11/24 8:15 p.m.•81 views

CVE-2020-28329

Barco wePresent WiPG-1600W firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authenticated, administrative functions in the API. Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19...

9.8CVSS7.7AI score0.00706EPSS

CVE•added 2020/11/24 7:15 p.m.•67 views

CVE-2020-28332

Barco wePresent WiPG-1600W devices download code without an Integrity Check. Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W firmware does not perform verification of digitally signed firmware updates and is susceptible to processing and installing modifie...

9.8CVSS9.6AI score0.00213EPSS