VYPR

Mondopad

by Infocus

CVEs (2)

  • CVE-2017-14972HigOct 9, 2017
    risk 0.49cvss 7.5epss 0.01

    InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by entering Control-Alt-Delete, and then using Task Manager to reach a file.

  • CVE-2017-14971MedOct 9, 2017
    risk 0.36cvss 5.5epss 0.01

    Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. The attacker provides a crafted Microsoft Office document containing a link that has a UNC pathname associated with an attacker-controller server. In one specific scenario, the attacker…