CVE-2019-3910 - CERT CVE
ID CVE-2019-3910
Sažetak Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface's return.cgi script. Unauthenticated remote users can use the bypass to access some administrator functionality such as configuring update sources and rebooting the device.
Reference
CVSS
Base: 8.5
Impact: 7.8
Exploitability:10.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE PARTIAL COMPLETE
CVSS vektor AV:N/AC:L/Au:N/C:N/I:P/A:C
Zadnje važnije ažuriranje 24-08-2020 - 17:37
Objavljeno 18-01-2019 - 18:29