PatchSiren

Wepresent CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Wepresent CVE published 2017-03-06

CVE-2017-6351

CVE-2017-6351 describes a hardcoded manufacturer account in WePresent WiPG-1500 firmware 1.0.3.7. When DEBUG mode is enabled, the device exposes telnet access on TCP/5885, allowing authentication with the undocumented 'abarco' account. NVD assigns the issue a CVSS 3.0 score of 8.1 (HIGH) and maps it to CWE-798 (Use of Hard-coded Credentials).