Security Advisory

CVE-2019-3933

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-04-30 20:30:50

Last updated 2024-08-04 19:26:27

Assigner tenable

State PUBLISHED

Description

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code simply by requesting /images/browserslide.jpg via HTTP. A remote, unauthenticated attacker can use this vulnerability to watch a slideshow without knowing the access code.

← Browse all CVEs View on cve.org ↗