Stack Buffer Overflow in Crestron AM-100, Barco wePresent Devices and Others
CVE-2019-3930
What is CVE-2019-3930?
A vulnerability exists in several products including Crestron AM-100 and Barco wePresent devices, where a stack buffer overflow in the PARSERtoCHAR function of libAwgCgi.so allows remote, unauthenticated attackers to execute arbitrary code. This can be triggered by sending a malicious request to the return.cgi endpoint, compromising the system and potentially granting the attacker root access.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Crestron AirMedia, Barco WePresent, Extron ShareLink, Teq AV IT WIPS710, SHARP PN-L703WA, Optoma WPS-Pro, Blackbox HD WPS, InFocus LiteShow3, and InFocus LiteShow4. Crestron AM-100 firmware 1.6.0.2
Crestron AirMedia, Barco WePresent, Extron ShareLink, Teq AV IT WIPS710, SHARP PN-L703WA, Optoma WPS-Pro, Blackbox HD WPS, InFocus LiteShow3, and InFocus LiteShow4. Crestron AM-101 firmware 2.7.0.1
Crestron AirMedia, Barco WePresent, Extron ShareLink, Teq AV IT WIPS710, SHARP PN-L703WA, Optoma WPS-Pro, Blackbox HD WPS, InFocus LiteShow3, and InFocus LiteShow4. Barco wePresent WiPG-1000P firmware 2.3.0.10
References
EPSS Score
15% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved