CVE-2020-28330
First published: Tue Nov 24 2020(Updated: )
Barco wePresent WiPG-1600W devices have Unprotected Transport of Credentials. Affected Version(s): 2.5.1.8. An attacker armed with hardcoded API credentials (retrieved by exploiting CVE-2020-28329) can issue an authenticated query to display the admin password for the main web user interface listening on port 443/tcp of a Barco wePresent WiPG-1600W device.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Barco wePresent WiPG-1600W firmware | =2.5.1.8 | |
| Barco wePresent WiPG-1600W |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this security issue?
The vulnerability ID for this security issue is CVE-2020-28330.
What is the severity of CVE-2020-28330?
The severity of CVE-2020-28330 is medium.
Which software versions are affected by CVE-2020-28330?
The software version affected by CVE-2020-28330 is 2.5.1.8.
How can an attacker exploit CVE-2020-28330?
An attacker armed with hardcoded API credentials (retrieved by exploiting CVE-2020-28329) can issue an authenticated query to display the admin password for the main web user interface.
Where can I find more information about CVE-2020-28330?
You can find more information about CVE-2020-28330 at the following reference: [Korelogic Advisory KL-001-2020-005.txt](https://korelogic.com/Resources/Advisories/KL-001-2020-005.txt).
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/barco
- canonical/barco wepresent wipg-1600w firmware
- version/barco wepresent wipg-1600w firmware/2.5.1.8
- canonical/barco wepresent wipg-1600w