{"containers": {"cna": {"affected": [{"product": "Crestron AirMedia, Barco WePresent, Extron ShareLink, Teq AV IT WIPS710, SHARP PN-L703WA, Optoma WPS-Pro, Blackbox HD WPS, InFocus LiteShow3, and InFocus LiteShow4.", "vendor": "Crestron", "versions": [{"status": "affected", "version": "Crestron AM-100 firmware 1.6.0.2"}, {"status": "affected", "version": "Crestron AM-101 firmware 2.7.0.1"}, {"status": "affected", "version": "Barco wePresent WiPG-1000P firmware 2.3.0.10"}, {"status": "affected", "version": "Barco wePresent WiPG-1600W before firmware 2.4.1.19"}, {"status": "affected", "version": "Extron ShareLink 200/250 firmware 2.0.3.4"}, {"status": "affected", "version": "Teq AV IT WIPS710 firmware 1.1.0.7"}, {"status": "affected", "version": "SHARP PN-L703WA firmware 1.4.2.3"}, {"status": "affected", "version": "Optoma WPS-Pro firmware 1.0.0.5"}, {"status": "affected", "version": "Blackbox HD WPS firmware 1.0.0.5"}, {"status": "affected", "version": "InFocus LiteShow3 firmware 1.0.16"}, {"status": "affected", "version": "and InFocus LiteShow4 2.0.0.7"}]}], "descriptions": [{"lang": "en", "value": "The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 OS Command Injection", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-01-14T17:06:03", "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.tenable.com/security/research/tra-2019-20"}, {"name": "46786", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/46786/"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/152715/Barco-AWIND-OEM-Presentation-Platform-Unauthenticated-Remote-Command-Injection.html"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/155948/Barco-WePresent-file_transfer.cgi-Command-Injection.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vulnreport@tenable.com", "ID": "CVE-2019-3929", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Crestron AirMedia, Barco WePresent, Extron ShareLink, Teq AV IT WIPS710, SHARP PN-L703WA, Optoma WPS-Pro, Blackbox HD WPS, InFocus LiteShow3, and InFocus LiteShow4.", "version": {"version_data": [{"version_value": "Crestron AM-100 firmware 1.6.0.2"}, {"version_value": "Crestron AM-101 firmware 2.7.0.1"}, {"version_value": "Barco wePresent WiPG-1000P firmware 2.3.0.10"}, {"version_value": "Barco wePresent WiPG-1600W before firmware 2.4.1.19"}, {"version_value": "Extron ShareLink 200/250 firmware 2.0.3.4"}, {"version_value": "Teq AV IT WIPS710 firmware 1.1.0.7"}, {"version_value": "SHARP PN-L703WA firmware 1.4.2.3"}, {"version_value": "Optoma WPS-Pro firmware 1.0.0.5"}, {"version_value": "Blackbox HD WPS firmware 1.0.0.5"}, {"version_value": "InFocus LiteShow3 firmware 1.0.16"}, {"version_value": "and InFocus LiteShow4 2.0.0.7"}]}}]}, "vendor_name": "Crestron"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-79 OS Command Injection"}]}]}, "references": {"reference_data": [{"name": "https://www.tenable.com/security/research/tra-2019-20", "refsource": "MISC", "url": "https://www.tenable.com/security/research/tra-2019-20"}, {"name": "46786", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/46786/"}, {"name": "http://packetstormsecurity.com/files/152715/Barco-AWIND-OEM-Presentation-Platform-Unauthenticated-Remote-Command-Injection.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/152715/Barco-AWIND-OEM-Presentation-Platform-Unauthenticated-Remote-Command-Injection.html"}, {"name": "http://packetstormsecurity.com/files/155948/Barco-WePresent-file_transfer.cgi-Command-Injection.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/155948/Barco-WePresent-file_transfer.cgi-Command-Injection.html"}]}}}}, "cveMetadata": {"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "assignerShortName": "tenable", "cveId": "CVE-2019-3929", "datePublished": "2019-04-30T20:21:09", "dateReserved": "2019-01-03T00:00:00", "dateUpdated": "2020-01-14T17:06:03", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"cisaActionDue": "2022-05-06", "cisaExploitAdd": "2022-04-15", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Crestron Multiple Products Command Injection Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "913135BE-8FB4-40BA-85D8-AD0F824493C3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*", "matchCriteriaId": "081E2B1B-027D-4846-8C61-54CE2D668CD0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "6AC584E7-9159-48E8-B499-F5CA68663503", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0AB0523-6EFF-4C78-A8BA-B2764DBB04D0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:barco:wepresent_wipg-1000p_firmware:2.3.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "4102ECBE-C362-4D67-A8B8-E0C796991A05", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:barco:wepresent_wipg-1000p:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CA49409-DD7A-443C-9C64-F7FC02AD572F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:barco:wepresent_wipg-1600w_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CC11E306-2039-4981-B0DE-F0E086E82A99", "versionEndExcluding": "2.4.1.19", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:barco:wepresent_wipg-1600w:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6EDF943-F79F-4729-A15C-BEDFDAC42EA3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:extron:sharelink_200_firmware:2.0.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "A2A958C1-D420-4686-B16A-9F894D9D546B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:extron:sharelink_200:-:*:*:*:*:*:*:*", "matchCriteriaId": "9052908E-4A0A-4462-9054-FF8B81BE61AD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:extron:sharelink_250_firmware:2.0.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "4452FE8E-2FF1-4920-BE15-EDB36865E436", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:extron:sharelink_250:-:*:*:*:*:*:*:*", "matchCriteriaId": "6D0429EC-69E4-40DF-8F58-92C14B1EE30F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:teqavit:wips710_firmware:1.1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "30DE4653-931B-4EE4-997C-EDE3B4FD1103", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:teqavit:wips710:-:*:*:*:*:*:*:*", "matchCriteriaId": "4C065DAA-CCAD-4551-A6D3-61A714EBEC2A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sharp:pn-l703wa_firmware:1.4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "1B378214-4F0E-4365-92B4-A1C1CA1BF8E9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sharp:pn-l703wa:-:*:*:*:*:*:*:*", "matchCriteriaId": "515FE3BB-C5C9-496C-A002-E5687D5D2B00", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:optoma:wps-pro_firmware:1.0.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "B85EAE85-7C54-4B93-96BA-72FCB1CFA94F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:optoma:wps-pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "2033CAD9-390C-4AA4-A05E-951849AB16E8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:blackbox:hd_wireless_presentation_system_firmware:1.0.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "2143F71D-47D5-4630-B1CF-74824682523C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:blackbox:hd_wireless_presentation_system:-:*:*:*:*:*:*:*", "matchCriteriaId": "E5722F58-47BA-4430-8F92-FA56348FD4A9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:infocus:liteshow3_firmware:1.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "A31899CB-CC41-446A-AB84-40D2BDED1F30", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:infocus:liteshow3:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E81DF5B-9FD1-44E7-B23D-639ACAD4EED0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:infocus:liteshow4_firmware:2.0.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D361E8D9-377E-4DBB-BFAC-35CB4333A6EB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:infocus:liteshow4:-:*:*:*:*:*:*:*", "matchCriteriaId": "76B7C16D-C7D8-4502-B466-1D6A0183527A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root."}, {"lang": "es", "value": "El firmware Crestron AM-100 versi\u00f3n 1.6.0.2, el firmware Crestron AM-101 versi\u00f3n 2.7.0.1, Barco wePresent WiPG-1000P firmware versi\u00f3n 2.3.0.10, Barco wePresent WiPG-1600W antes del firmware versi\u00f3n 2.4.1.19, Extron ShareLink 200/250 firmware versi\u00f3n 2.0.3.4, Teq AV IT WIPS710 firmware versi\u00f3n 1.1.0.7, SHARP PN-L703WA firmware versi\u00f3n 1.4.2.3, Optoma WPS-Pro firmware versi\u00f3n 1.0.0.5, Blackbox HD WPS firmware versi\u00f3n 1.0.0.5, InFocus LiteShow3 firmware versi\u00f3n 1.0.16 e InFocus LiteShow4 versi\u00f3n 2.0.0.7 son vulnerables para ordenar la inyecci\u00f3n por medio del endpoint HTTP file_transfer.cgi. Un atacante remoto no identificado puede usar esta vulnerabilidad para ejecutar comandos del sistema operativo como root."}], "id": "CVE-2019-3929", "lastModified": "2020-10-16T18:09:51.387", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-04-30T21:29:00.713", "references": [{"source": "vulnreport@tenable.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/152715/Barco-AWIND-OEM-Presentation-Platform-Unauthenticated-Remote-Command-Injection.html"}, {"source": "vulnreport@tenable.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/155948/Barco-WePresent-file_transfer.cgi-Command-Injection.html"}, {"source": "vulnreport@tenable.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/46786/"}, {"source": "vulnreport@tenable.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.tenable.com/security/research/tra-2019-20"}], "sourceIdentifier": "vulnreport@tenable.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "vulnreport@tenable.com", "type": "Secondary"}]}

{}