CVE-2019-3930

Published Apr 30, 2019

Last updated 4 years ago

CVSS critical 9.8

Overview

Description: The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so's PARSERtoCHAR function. A remote, unauthenticated attacker can use this vulnerability to execute arbitrary code as root via a crafted request to the return.cgi endpoint.
Source: vulnreport@tenable.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-787
vulnreport@tenable.com: CWE-121

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "081E2B1B-027D-4846-8C61-54CE2D668CD0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "913135BE-8FB4-40BA-85D8-AD0F824493C3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D0AB0523-6EFF-4C78-A8BA-B2764DBB04D0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AC584E7-9159-48E8-B499-F5CA68663503"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:barco:wepresent_wipg-1000p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4CA49409-DD7A-443C-9C64-F7FC02AD572F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:barco:wepresent_wipg-1000p_firmware:2.3.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4102ECBE-C362-4D67-A8B8-E0C796991A05"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:barco:wepresent_wipg-1600w:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E6EDF943-F79F-4729-A15C-BEDFDAC42EA3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:barco:wepresent_wipg-1600w_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC11E306-2039-4981-B0DE-F0E086E82A99",
            "versionEndExcluding": "2.4.1.19"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:extron:sharelink_200_firmware:2.0.3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2A958C1-D420-4686-B16A-9F894D9D546B"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:extron:sharelink_200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9052908E-4A0A-4462-9054-FF8B81BE61AD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:extron:sharelink_250_firmware:2.0.3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4452FE8E-2FF1-4920-BE15-EDB36865E436"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:extron:sharelink_250:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6D0429EC-69E4-40DF-8F58-92C14B1EE30F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:teqavit:wips710_firmware:1.1.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30DE4653-931B-4EE4-997C-EDE3B4FD1103"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:teqavit:wips710:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4C065DAA-CCAD-4551-A6D3-61A714EBEC2A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sharp:pn-l703wa_firmware:1.4.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B378214-4F0E-4365-92B4-A1C1CA1BF8E9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:sharp:pn-l703wa:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "515FE3BB-C5C9-496C-A002-E5687D5D2B00"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:optoma:wps-pro:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2033CAD9-390C-4AA4-A05E-951849AB16E8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:optoma:wps-pro_firmware:1.0.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B85EAE85-7C54-4B93-96BA-72FCB1CFA94F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:blackbox:hd_wireless_presentation_system:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E5722F58-47BA-4430-8F92-FA56348FD4A9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:blackbox:hd_wireless_presentation_system_firmware:1.0.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2143F71D-47D5-4630-B1CF-74824682523C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:infocus:liteshow3_firmware:1.0.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A31899CB-CC41-446A-AB84-40D2BDED1F30"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:infocus:liteshow3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7E81DF5B-9FD1-44E7-B23D-639ACAD4EED0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:infocus:liteshow4_firmware:2.0.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D361E8D9-377E-4DBB-BFAC-35CB4333A6EB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:infocus:liteshow4:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "76B7C16D-C7D8-4502-B466-1D6A0183527A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References