Security Advisory

CVE-2019-3910

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-01-18 18:00:00

Last updated 2024-08-04 19:26:26

Assigner tenable

State PUBLISHED

Description

Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interfaces return.cgi script. Unauthenticated remote users can use the bypass to access some administrator functionality such as configuring update sources and rebooting the device.

← Browse all CVEs View on cve.org ↗