CVE-2017-14972

Name of the Vulnerable Software and Affected Versions InFocus Mondopad version 2.2.08

Description The issue allows for authentication bypass when accessing uploaded files. This can be achieved by entering Control-Alt-Delete and then using Task Manager to reach a file.

Recommendations For InFocus Mondopad version 2.2.08, consider restricting access to uploaded files until a patch is available. As a temporary workaround, limit the use of Task Manager to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.