9.4

CVE-2014-8384

Exploit
The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
InfocusIn3128hd Firmware Version0.26
   InfocusIn3128hd Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.24% 0.867
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.4 10 9.2
AV:N/AC:L/Au:N/C:N/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://packetstormsecurity.com/files/131661/InFocus-IN3128HD-Projector-Missing-Authentication.html
Exploit
http://seclists.org/fulldisclosure/2015/Apr/88
Exploit
http://www.coresecurity.com/advisories/infocus-in3128hd-projector-multiple-vulnerabilities
Vendor Advisory
Exploit