NA

CVE-2020-283292

Vulnerability Summary

Barco wePresent device firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authenticated, administrative functions in the API. Versions affected include 2.5.1.8, 2.5.0.25, 2.5.0.24, and 2.4.1.19.

Exploits

Barco wePresent device firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image A malicious actor could use this password to access authenticated, administrative functions in the API Versions affected include 2518, 25025, 25024, and 24119 ...