Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » InFocus projectors plagued by authentication flaws

InFocus projectors plagued by authentication flaws

2015/04/29

Securityweek - (International) Security researchers at Core Security identified an authentication bypass vulnerability in InFocus network-connected projectors in which an unauthenticated user could bypass the login page and access the projector's Web interface as an administrator by navigating to the "main.html" page. Once logged in, the unauthenticated user would have the ability to access and modify private network and WiFi configuration information.

Source: http://www.securityweek.com/infocus-projectors-plagued-authentication-flaws-core-security

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:13