CVE Vulnerabilities

CVE-2014-8384

Published: May 18, 2015 | Modified: May 19, 2015
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.4 HIGH
AV:N/AC:L/Au:N/C:N/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the device, change the device name, and have other unspecified impact via a crafted request.

Affected Software

Name Vendor Start Version End Version
In3128hd_firmware Infocus 0.26 (including) 0.26 (including)

References