go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::
Date:
Font-stze:

BenQ EH600 - Improper Privilege Management

TVN ID TVN-202108008
CVE ID CVE-2021-37911
CVSS 8.8 (High)
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products BenQ EH600 OTA v01.00.31.00 (AOSP 6.0)
Description The management interface of BenQ smart wireless conference projector does not properly control user’s privilege. Attackers can access any system directory of this device through the interface and execute arbitrary commands if he enters the local subnetwork.
Solution Update OTA v01.00.30.00 (AOSP 6.0)
Credit BenQ
Public Date 2021-08-30
Top