Description: This allows access to the projector via bruteforcing a 4-digit PIN.
Versions Affected: EasyMP 2.86
Researcher: Rhino Security Team (https://twitter.com/RhinoSecurity)
Disclosure Link: https://rhinosecuritylabs.com/internet-of-things/epson-easymp-remote-projection-vulnerabilities/
NIST CVE Link: https://nvd.nist.gov/vuln/detail/CVE-2017-12861
The 4-digit PIN has no lockout mechanism and can be bruteforced.
python CVE-2017-12861.py