CVE-2019-3929

{"id": "CVE-2019-3929", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2019-04-30T21:29:00.713", "references": [{"url": "http://packetstormsecurity.com/files/152715/Barco-AWIND-OEM-Presentation-Platform-Unauthenticated-Remote-Command-Injection.html", "tags": ["Third Party Advisory", "VDB Entry"], "source": "vulnreport@tenable.com"}, {"url": "http://packetstormsecurity.com/files/155948/Barco-WePresent-file_transfer.cgi-Command-Injection.html", "tags": ["Third Party Advisory", "VDB Entry"], "source": "vulnreport@tenable.com"}, {"url": "https://www.exploit-db.com/exploits/46786/", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "vulnreport@tenable.com"}, {"url": "https://www.tenable.com/security/research/tra-2019-20", "tags": ["Exploit", "Third Party Advisory"], "source": "vulnreport@tenable.com"}, {"url": "http://packetstormsecurity.com/files/152715/Barco-AWIND-OEM-Presentation-Platform-Unauthenticated-Remote-Command-Injection.html", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://packetstormsecurity.com/files/155948/Barco-WePresent-file_transfer.cgi-Command-Injection.html", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.exploit-db.com/exploits/46786/", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.tenable.com/security/research/tra-2019-20", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "vulnreport@tenable.com", "description": [{"lang": "en", "value": "CWE-79"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root."}, {"lang": "es", "value": "El firmware Crestron AM-100 versi\u00f3n 1.6.0.2, el firmware Crestron AM-101 versi\u00f3n 2.7.0.1, Barco wePresent WiPG-1000P firmware versi\u00f3n 2.3.0.10, Barco wePresent WiPG-1600W antes del firmware versi\u00f3n 2.4.1.19, Extron ShareLink 200/250 firmware versi\u00f3n 2.0.3.4, Teq AV IT WIPS710 firmware versi\u00f3n 1.1.0.7, SHARP PN-L703WA firmware versi\u00f3n 1.4.2.3, Optoma WPS-Pro firmware versi\u00f3n 1.0.0.5, Blackbox HD WPS firmware versi\u00f3n 1.0.0.5, InFocus LiteShow3 firmware versi\u00f3n 1.0.16 e InFocus LiteShow4 versi\u00f3n 2.0.0.7 son vulnerables para ordenar la inyecci\u00f3n por medio del endpoint HTTP file_transfer.cgi. Un atacante remoto no identificado puede usar esta vulnerabilidad para ejecutar comandos del sistema operativo como root."}], "lastModified": "2024-11-21T04:42:53.067", "cisaActionDue": "2022-05-06", "cisaExploitAdd": "2022-04-15", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "913135BE-8FB4-40BA-85D8-AD0F824493C3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "081E2B1B-027D-4846-8C61-54CE2D668CD0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AC584E7-9159-48E8-B499-F5CA68663503"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D0AB0523-6EFF-4C78-A8BA-B2764DBB04D0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:barco:wepresent_wipg-1000p_firmware:2.3.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4102ECBE-C362-4D67-A8B8-E0C796991A05"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:barco:wepresent_wipg-1000p:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4CA49409-DD7A-443C-9C64-F7FC02AD572F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:barco:wepresent_wipg-1600w_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC11E306-2039-4981-B0DE-F0E086E82A99", "versionEndExcluding": "2.4.1.19"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:barco:wepresent_wipg-1600w:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E6EDF943-F79F-4729-A15C-BEDFDAC42EA3"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:extron:sharelink_200_firmware:2.0.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2A958C1-D420-4686-B16A-9F894D9D546B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:extron:sharelink_200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9052908E-4A0A-4462-9054-FF8B81BE61AD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:extron:sharelink_250_firmware:2.0.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4452FE8E-2FF1-4920-BE15-EDB36865E436"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:extron:sharelink_250:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6D0429EC-69E4-40DF-8F58-92C14B1EE30F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:teqavit:wips710_firmware:1.1.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30DE4653-931B-4EE4-997C-EDE3B4FD1103"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:teqavit:wips710:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4C065DAA-CCAD-4551-A6D3-61A714EBEC2A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sharp:pn-l703wa_firmware:1.4.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B378214-4F0E-4365-92B4-A1C1CA1BF8E9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sharp:pn-l703wa:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "515FE3BB-C5C9-496C-A002-E5687D5D2B00"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:optoma:wps-pro_firmware:1.0.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B85EAE85-7C54-4B93-96BA-72FCB1CFA94F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:optoma:wps-pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2033CAD9-390C-4AA4-A05E-951849AB16E8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:blackbox:hd_wireless_presentation_system_firmware:1.0.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2143F71D-47D5-4630-B1CF-74824682523C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:blackbox:hd_wireless_presentation_system:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E5722F58-47BA-4430-8F92-FA56348FD4A9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:infocus:liteshow3_firmware:1.0.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A31899CB-CC41-446A-AB84-40D2BDED1F30"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:infocus:liteshow3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7E81DF5B-9FD1-44E7-B23D-639ACAD4EED0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:infocus:liteshow4_firmware:2.0.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D361E8D9-377E-4DBB-BFAC-35CB4333A6EB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:infocus:liteshow4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "76B7C16D-C7D8-4502-B466-1D6A0183527A"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "vulnreport@tenable.com", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Crestron Multiple Products Command Injection Vulnerability"}