Vulnerabilities > Sharp

DATE CVE VULNERABILITY TITLE RISK
2019-04-30 CVE-2019-3929 OS Command Injection vulnerability in multiple products
The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint.
network
low complexity
crestron barco extron teqavit sharp optoma blackbox infocus CWE-78
critical
9.8
2017-11-17 CVE-2017-10890 Session Fixation vulnerability in Sharp products
Session management issue in RX-V200 firmware versions prior to 09.87.17.09, RX-V100 firmware versions prior to 03.29.17.09, RX-CLV1-P firmware versions prior to 79.17.17.09, RX-CLV2-B firmware versions prior to 89.07.17.09, RX-CLV3-N firmware versions prior to 91.09.17.10 allows an attacker on the same LAN to perform arbitrary operations or access information via unspecified vectors.
low complexity
sharp CWE-384
4.6
2017-06-09 CVE-2017-2192 Untrusted Search Path vulnerability in Sharp Rw-5100 1.1.0.0/1.2.0.0
Untrusted search path vulnerability in RW-5100 tool to verify execution environment for Windows 7 version 1.1.0.0 and RW-5100 tool to verify execution environment for Windows 8.1 version 1.2.0.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
sharp CWE-426
7.8
2017-06-09 CVE-2017-2191 Untrusted Search Path vulnerability in Sharp products
Untrusted search path vulnerability in RW-5100 driver installer for Windows 7 version 1.0.0.9 and RW-5100 driver installer for Windows 8.1 version 1.0.1.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
sharp CWE-426
7.8
2017-06-09 CVE-2017-2190 Untrusted Search Path vulnerability in Sharp Rw-4040 1.2.0.0
Untrusted search path vulnerability in RW-4040 tool to verify execution environment for Windows 7 version 1.2.0.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
sharp CWE-426
7.8
2017-06-09 CVE-2017-2189 Untrusted Search Path vulnerability in Sharp Rw-4040 2.27
Untrusted search path vulnerability in RW-4040 driver installer for Windows 7 version 2.27 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
sharp CWE-426
7.8
2016-04-05 CVE-2016-1176 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sharp EVA Animator
Buffer overflow in the ActiveX control in Sharp EVA Animeter allows remote attackers to execute arbitrary code via a crafted web page.
network
low complexity
sharp CWE-119
6.3
2016-04-05 CVE-2016-1175 Cross-Site Request Forgery (CSRF) vulnerability in Sharp Aquos Hn-Pp150 Firmware 1.02.00.04/1.03.01.04
Cross-site request forgery (CSRF) vulnerability in AQUOS Photo Player HN-PP150 1.02.00.04 through 1.03.01.04 allows remote attackers to hijack the authentication of arbitrary users.
network
low complexity
sharp CWE-352
4.3
2002-12-31 CVE-2002-1975 Inadequate Encryption Strength vulnerability in Sharp Zaurus Sl-5000D Firmware and Zaurus Sl-5500 Firmware
Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password as stored in the Security.conf file, which makes it easier for local users to guess the password via brute force methods.
local
low complexity
sharp CWE-326
5.5