CVE-2019-3910
N/A
N/A
Summary
Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface's return.cgi script. Unauthenticated remote users can use the bypass to access some administrator functionality such as configuring update sources and rebooting the device.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Crestron AM-100 Before 1.6.0.2 | Crestron AM-100 Before 1.6.0.2 | affected |
Weaknesses
- Authentication Bypass
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.