Lucene search
MitreCVE-2014-8384HistoryMay 18, 2015 - 3:59 p.m.
CVE-2014-8384
2015-05-1815:59:01
mitre
web.nvd.nist.gov
24
infocus
in3128hd
projector
firmware
vulnerability
remote access
dhcp
ip configuration
security issue
CVSS2
9.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:C/A:C
AI Score
6.8
Confidence
Low
EPSS
0.01
Percentile
83.7%
The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request.
Affected configurations
Node
infocusin3128hd_firmwareMatch0.26
infocusin3128hdMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| infocus | in3128hd_firmware | 0.26 | cpe:2.3:o:infocus:in3128hd_firmware:0.26:*:*:*:*:*:*:* |
| infocus | in3128hd | - | cpe:2.3:h:infocus:in3128hd:-:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2014-8384
2015-05-18 15:59:01
prion
prion
Cross site request forgery (csrf)
2015-05-18 15:59:00
cvelist
cvelist
CVE-2014-8384
2015-05-18 15:00:00
packetstorm
packetstorm
InFocus IN3128HD Projector Missing Authentication
2015-04-28 00:00:00
coresecurity
coresecurity
InFocus IN3128HD Projector Multiple Vulnerabilities
2015-04-27 00:00:00
zdt
zdt
InFocus IN3128HD Projector Missing Authentication Vulnerability
2015-04-28 00:00:00
securityvulns
securityvulns
InFocus projectors authentication bypass
2015-05-11 00:00:00
[CORE-2015-0008] - InFocus IN3128HD Projector Multiple Vulnerabilities
2015-05-11 00:00:00
CVSS2
9.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:C/A:C
AI Score
6.8
Confidence
Low
EPSS
0.01
Percentile
83.7%
Related for CVE-2014-8384