The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request.
Name | Vendor | Start Version | End Version |
---|---|---|---|
In3128hd_firmware | Infocus | 0.26 (including) | 0.26 (including) |