Polyvision Roomwizard Firmware : Security vulnerabilities, CVEs

Copy

CVE-2011-0423

The PolyVision RoomWizard with firmware 3.2.3 has a default password of roomwizard for the administrator account, which makes it easier for remote attackers to obtain console access via an HTTP session, a different vulnerability than CVE-2010-0214.

Max CVSS

7.5

EPSS Score

2.71%

Published

2011-01-12

Updated

2017-08-17

CVE-2010-0214

The administrative interface on the PolyVision RoomWizard with firmware 3.2.3 places the Sync Connector Active Directory (AD) credentials in a web form that is accessed over HTTP on port 80, which allows remote attackers to obtain sensitive information by reading the HTML source code corresponding to the /admin/sign/DeviceSynch URI.

Max CVSS

5.0

EPSS Score

1.41%

Published

2011-01-12

Updated

2017-08-17

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!