CVE-2019-3935
N/A
N/A
Summary
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to act as a moderator to a slide show via crafted HTTP POST requests to conference.cgi. A remote, unauthenticated attacker can use this vulnerability to start, stop, and disconnect active slideshows.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Crestron | Crestron AirMedia | AM-100 firmware 1.6.0.2 and AM-101 firmware 2.7.0.2 | affected |
Weaknesses
- CWE-284: CWE-284 Improper Access Control
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.