Barco

Wepresent Wipg-1600w Firmware

8 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2020-28329

Exploit
  • EPSS 0.71%
  • Published 24.11.2020 20:15:11
  • Last modified 21.11.2024 05:22:35

Barco wePresent WiPG-1600W firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authenticated, administrative functions in the API. Affected ...

6.5

CVE-2020-28330

Exploit
  • EPSS 0.37%
  • Published 24.11.2020 19:15:10
  • Last modified 21.11.2024 05:22:35

Barco wePresent WiPG-1600W devices have Unprotected Transport of Credentials. Affected Version(s): 2.5.1.8. An attacker armed with hardcoded API credentials (retrieved by exploiting CVE-2020-28329) can issue an authenticated query to display the admi...

9.8

CVE-2020-28332

Exploit
  • EPSS 0.21%
  • Published 24.11.2020 19:15:10
  • Last modified 21.11.2024 05:22:35

Barco wePresent WiPG-1600W devices download code without an Integrity Check. Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W firmware does not perform verification of digitally signed firmware updates and is...

9.8

CVE-2020-28333

  • EPSS 1.45%
  • Published 24.11.2020 19:15:10
  • Last modified 21.11.2024 05:22:35

Barco wePresent WiPG-1600W devices allow Authentication Bypass. Affected Version(s): 2.5.1.8. The Barco wePresent WiPG-1600W web interface does not use session cookies for tracking authenticated sessions. Instead, the web interface uses a "SEID" toke...

10

CVE-2020-28334

Exploit
  • EPSS 13.02%
  • Published 24.11.2020 19:15:10
  • Last modified 21.11.2024 05:22:35

Barco wePresent WiPG-1600W devices use Hard-coded Credentials (issue 2 of 2). Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W device has a hardcoded root password hash included in the firmware image. Exploit...

7.5

CVE-2020-28331

  • EPSS 0.52%
  • Published 24.11.2020 18:15:12
  • Last modified 21.11.2024 05:22:35

Barco wePresent WiPG-1600W devices have Improper Access Control. Affected Version(s): 2.5.1.8. The Barco wePresent WiPG-1600W device has an SSH daemon included in the firmware image. By default, the SSH daemon is disabled and does not start at system...

10

CVE-2019-3929

Warning Exploit
  • EPSS 93.99%
  • Published 30.04.2019 21:29:00
  • Last modified 07.02.2025 15:00:23

The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, ...

10

CVE-2019-3930

Exploit
  • EPSS 15.34%
  • Published 30.04.2019 21:29:00
  • Last modified 21.11.2024 04:42:53

The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, ...