CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 3CVE-2020-28329 – Barco wePresent Hardcoded API Credentials
https://notcve.org/view.php?id=CVE-2020-28329
20 Nov 2020 — Barco wePresent WiPG-1600W firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authenticated, administrative functions in the API. Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. El firmware Barco wePresent WiPG-1600W incluye una cuenta y contraseña de API embebidas que se pueden detectar al inspeccionar la imagen del firmware. Un actor malicioso podría usar esta contraseña para acc... • https://packetstorm.news/files/id/160159 • CWE-798: Use of Hard-coded Credentials •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 2CVE-2020-28330 – Barco wePresent Admin Credential Exposure
https://notcve.org/view.php?id=CVE-2020-28330
20 Nov 2020 — Barco wePresent WiPG-1600W devices have Unprotected Transport of Credentials. Affected Version(s): 2.5.1.8. An attacker armed with hardcoded API credentials (retrieved by exploiting CVE-2020-28329) can issue an authenticated query to display the admin password for the main web user interface listening on port 443/tcp of a Barco wePresent WiPG-1600W device. Los dispositivos Barco wePresent WiPG-1600W presentan un Transporte de Credenciales No Protegidas. Versión (s) afectada (s): 2.5.1.8. • https://packetstorm.news/files/id/160160 • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-28331 – Barco wePresent Undocumented SSH Interface
https://notcve.org/view.php?id=CVE-2020-28331
20 Nov 2020 — Barco wePresent WiPG-1600W devices have Improper Access Control. Affected Version(s): 2.5.1.8. The Barco wePresent WiPG-1600W device has an SSH daemon included in the firmware image. By default, the SSH daemon is disabled and does not start at system boot. The system initialization scripts read a device configuration file variable to see if the SSH daemon should be started. • https://packetstorm.news/files/id/160162 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 3CVE-2020-28332 – Barco wePresent Insecure Firmware Image
https://notcve.org/view.php?id=CVE-2020-28332
20 Nov 2020 — Barco wePresent WiPG-1600W devices download code without an Integrity Check. Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W firmware does not perform verification of digitally signed firmware updates and is susceptible to processing and installing modified/malicious images. Los dispositivos Barco wePresent WiPG-1600W descargan el código sin una Comprobación de Integridad. Versiones afectadas: 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. • https://packetstorm.news/files/id/160164 • CWE-494: Download of Code Without Integrity Check •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 1CVE-2020-28333 – Barco wePresent Authentication Bypass
https://notcve.org/view.php?id=CVE-2020-28333
20 Nov 2020 — Barco wePresent WiPG-1600W devices allow Authentication Bypass. Affected Version(s): 2.5.1.8. The Barco wePresent WiPG-1600W web interface does not use session cookies for tracking authenticated sessions. Instead, the web interface uses a "SEID" token that is appended to the end of URLs in GET requests. Thus the "SEID" would be exposed in web proxy logs and browser history. • https://packetstorm.news/files/id/160161 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 13%CPEs: 5EXPL: 3CVE-2020-28334 – Barco wePresent Global Hardcoded Root SSH Password
https://notcve.org/view.php?id=CVE-2020-28334
20 Nov 2020 — Barco wePresent WiPG-1600W devices use Hard-coded Credentials (issue 2 of 2). Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W device has a hardcoded root password hash included in the firmware image. Exploiting CVE-2020-28329, CVE-2020-28330 and CVE-2020-28331 could potentially be used in a simple and automated exploit chain to go from unauthenticated remote attacker to root shell. Los dispositivos Barco wePresent WiPG-1600W utilizan Credenciales Embebidas (problem... • https://packetstorm.news/files/id/160163 • CWE-798: Use of Hard-coded Credentials •
CVSS: 10.0EPSS: 15%CPEs: 24EXPL: 1CVE-2019-3930
https://notcve.org/view.php?id=CVE-2019-3930
30 Apr 2019 — The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so's PARSERtoCHAR function. A remote, una... • https://www.tenable.com/security/research/tra-2019-20 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 94%CPEs: 24EXPL: 6CVE-2019-3929 – Crestron Multiple Products Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2019-3929
30 Apr 2019 — The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthent... • https://packetstorm.news/files/id/155948 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •