Barco ClickShare Device Default Credentials

critical Nessus Plugin ID 77249

Synopsis

The remote Barco ClickShare administration interface uses a default set of known credentials.

Description

Nessus was able to login to the web administration interface on the remote Barco ClickShare device using a default set of known credentials. A remote attacker can exploit this to gain administrative control of the device.

Solution

Change the password for the default 'admin' account.

See Also

http://www.nessus.org/u?236478e4

Plugin Details

Severity: Critical

ID: 77249

File Name: barco_clickshare_default_creds.nasl

Version: 1.8

Type: remote

Family: CGI abuses

Published: 8/19/2014

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.6

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/h:barco:clickshare

Required KB Items: installed_sw/Barco ClickShare

Excluded KB Items: global_settings/supplied_logins_only