Vulnerability Details CVE-2020-28330
Barco wePresent WiPG-1600W devices have Unprotected Transport of Credentials. Affected Version(s): 2.5.1.8. An attacker armed with hardcoded API credentials (retrieved by exploiting CVE-2020-28329) can issue an authenticated query to display the admin password for the main web user interface listening on port 443/tcp of a Barco wePresent WiPG-1600W device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.0%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2020-28330
-
cpe:2.3:h:barco:wepresent_wipg-1600w:-
-
cpe:2.3:o:barco:wepresent_wipg-1600w_firmware:2.5.1.8