CVSS: 9.8EPSS: 4%CPEs: 4EXPL: 0CVE-2019-3939
https://notcve.org/view.php?id=CVE-2019-3939
30 Apr 2019 — Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials admin/admin and moderator/moderator for the web interface. An unauthenticated, remote attacker can use these credentials to gain privileged access to the device. Crestron AM-100 con firmware 1.6.0.2 y AM-101 con firmware 2.7.0.2 utilizan credenciales por defecto admin/admin y moderator/moderator para la interfaz web. Un atacante remoto no autenticado puede utilizar estas credenciales para obtener acceso privilegia... • https://www.tenable.com/security/research/tra-2019-20 • CWE-16: Configuration CWE-798: Use of Hard-coded Credentials •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2019-3938
https://notcve.org/view.php?id=CVE-2019-3938
30 Apr 2019 — Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, and other configuration options in the file generated via the "export configuration" feature. The configuration file is encrypted using the awenc binary. The same binary can be used to decrypt any configuration file since all the encryption logic is hard coded. A local attacker can use this vulnerability to gain access to devices username and passwords. Crestron AM-100 con firmware versión 1.6.0.2 y AM-101 co... • https://www.tenable.com/security/research/tra-2019-20 • CWE-522: Insufficiently Protected Credentials CWE-798: Use of Hard-coded Credentials •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2019-3937
https://notcve.org/view.php?id=CVE-2019-3937
30 Apr 2019 — Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, slideshow passcode, and other configuration options in cleartext in the file /tmp/scfgdndf. A local attacker can use this vulnerability to recover sensitive data. "Crestron AM-100 con firmware versión 1.6.0.2 y AM-101 con firmware versión 2.7.0.2 almacena nombres de usuario, contraseñas, código de acceso a presentación de diapositivas y otras opciones de configuración en texto no cifrado en el archivo /tmp/sc... • https://www.tenable.com/security/research/tra-2019-20 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2019-3936
https://notcve.org/view.php?id=CVE-2019-3936
30 Apr 2019 — Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 is vulnerable to denial of service via a crafted request to TCP port 389. The request will force the slideshow to transition into a "stopped" state. A remote, unauthenticated attacker can use this vulnerability to stop an active slideshow. Crestron AM-100 con firmware versión 1.6.0.2 y AM-101 con firmware versión 2.7.0.2 es vulnerable a la Denegación de Servicio mediante una petición creada al puerto TCP 389. La petición forzará a la pre... • https://www.tenable.com/security/research/tra-2019-20 • CWE-284: Improper Access Control •
CVSS: 9.1EPSS: 1%CPEs: 4EXPL: 1CVE-2019-3935
https://notcve.org/view.php?id=CVE-2019-3935
30 Apr 2019 — Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to act as a moderator to a slide show via crafted HTTP POST requests to conference.cgi. A remote, unauthenticated attacker can use this vulnerability to start, stop, and disconnect active slideshows. Crestron AM-100 con firmware versión 1.6.0.2 y AM-101 con firmware versión 2.7.0.2 permite a cualquier persona actuar como moderador de una presentación de diapositivas por medio de peticiones HTTP POST creadas para el archivo ... • https://www.tenable.com/security/research/tra-2019-20 • CWE-284: Improper Access Control •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 1CVE-2019-3934
https://notcve.org/view.php?id=CVE-2019-3934
30 Apr 2019 — Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code sending a crafted HTTP POST request to login.cgi. A remote, unauthenticated attacker can use this vulnerability to download the current slide image without knowing the access code. Crestron AM-100 con firmware versión 1.6.0.2 y AM-101 con firmware versión 2.7.0.2 permite que cualquiera pueda omitir el código de presentación enviando una petición HTTP POST creada para el archivo login.cgi. Un ... • https://www.tenable.com/security/research/tra-2019-20 • CWE-284: Improper Access Control CWE-425: Direct Request ('Forced Browsing') •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 1CVE-2019-3933
https://notcve.org/view.php?id=CVE-2019-3933
30 Apr 2019 — Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code simply by requesting /images/browserslide.jpg via HTTP. A remote, unauthenticated attacker can use this vulnerability to watch a slideshow without knowing the access code. Crestron AM-100 con firmware versión 1.6.0.2 y AM-101 con firmware versión 2.7.0.2 permite a cualquiera omitir el código de presentación simplemente solicitando el archivo /images/browserslide.jpg por medio de HTTP. Un atac... • https://www.tenable.com/security/research/tra-2019-20 • CWE-284: Improper Access Control CWE-425: Direct Request ('Forced Browsing') •
CVSS: 9.8EPSS: 8%CPEs: 4EXPL: 1CVE-2019-3932
https://notcve.org/view.php?id=CVE-2019-3932
30 Apr 2019 — Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to authentication bypass due to a hard-coded password in return.tgi. A remote, unauthenticated attacker can use this vulnerability to control external devices via the uart_bridge. Crestron AM-100 con firmware versión 1.6.0.2 y AM-101 con firmware versión 2.7.0.2 son vulnerables a la omisión de identificación debido a una contraseña codificada en el archivo return.tgi. Un atacante remoto no autorizado puede usar esta vulner... • https://www.tenable.com/security/research/tra-2019-20 • CWE-249: DEPRECATED: Often Misused: Path Manipulation CWE-798: Use of Hard-coded Credentials •
CVSS: 9.0EPSS: 4%CPEs: 4EXPL: 1CVE-2019-3931
https://notcve.org/view.php?id=CVE-2019-3931
30 Apr 2019 — Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to argumention injection to the curl binary via crafted HTTP requests to return.cgi. A remote, authenticated attacker can use this vulnerability to upload files to the device and ultimately execute code as root. Crestron AM-100 con firmware versión 1.6.0.2 y AM-101 con firmware versión 2.7.0.2 son vulnerables a la inyección de argumentos en el binario curl por medio de peticiones HTTP creadas para el archivo return.cgi. Un... • https://www.tenable.com/security/research/tra-2019-20 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 10.0EPSS: 15%CPEs: 24EXPL: 1CVE-2019-3930
https://notcve.org/view.php?id=CVE-2019-3930
30 Apr 2019 — The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so's PARSERtoCHAR function. A remote, una... • https://www.tenable.com/security/research/tra-2019-20 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •