CVE-2020-28331 – Barco wePresent WiPG-1600W devices have Improper Access Control. Affected Version(s): 2.5. …

24 November 2020

Vuln ID: CVE-2020-28331

Published: 2020-11-24 18:15:12Z

Description: Barco wePresent WiPG-1600W devices have Improper Access Control. Affected Version(s): 2.5.1.8. The Barco wePresent WiPG-1600W device has an SSH daemon included in the firmware image. By default, the SSH daemon is disabled and does not start at system boot. The system initialization scripts read a device configuration file variable to see if the SSH daemon should be started. The web interface does not provide a visible capability to alter this configuration file variable. However, a malicious actor can include this variable in a POST such that the SSH daemon will be started when the device boots.

Source: NVD.NIST.GOV

Date:

24 November 2020

Categorie(s):

NVD

Tag(s):

NVD

OpenAI’s GPT-4 Can Autonomously Exploit 87% of One-Day Vulnerabilities, Study Finds26 April 2024
Threat Modeling and Understanding Inherent Threats – Adam Shostack – ESW #35926 April 2024
Check Point delivers strong quarterly revenue growth but stock drops26 April 2024
Rubrik IPO signals potential cybersecurity-led tech market revival25 April 2024
Foreign states targeting sensitive research at UK universities, MI5 warns25 April 2024