ID

VAR-201904-0320


CVE

CVE-2019-3929


TITLE

Command injection vulnerability in Crestron AM-100 firmware and other products

Trust: 0.8

sources: JVNDB: JVNDB-2019-004073

DESCRIPTION

The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root. Crestron AM-100 firmware and other products contain a command injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). A command injection vulnerability exists in several routers. The vulnerability stems from the network system or product failing to correctly filter special elements when constructing executable commands from external input data.

Trust: 1.8

sources: NVD: CVE-2019-3929 // JVNDB: JVNDB-2019-004073 // VULHUB: VHN-155364 // VULMON: CVE-2019-3929

AFFECTED PRODUCTS

vendor: barco | model: wepresent wipg-1000p | scope: eq | version: 2.3.0.10

Trust: 1.8

vendor: barco | model: wepresent wipg-1600w | scope: lt | version: 2.4.1.19

Trust: 1.8

vendor: extron | model: sharelink 200 | scope: eq | version: 2.0.3.4

Trust: 1.8

vendor: extron | model: sharelink 250 | scope: eq | version: 2.0.3.4

Trust: 1.8

vendor: infocus | model: liteshow3 | scope: eq | version: 1.0.16

Trust: 1.8

vendor: infocus | model: liteshow4 | scope: eq | version: 2.0.0.7

Trust: 1.8

vendor: optoma | model: wps-pro | scope: eq | version: 1.0.0.5

Trust: 1.8

vendor: sharp | model: pn-l703wa | scope: eq | version: 1.4.2.3

Trust: 1.8

vendor: crestron | model: am-101 | scope: eq | version: 2.7.0.2

Trust: 1.0

vendor: teqavit | model: wips710 | scope: eq | version: 1.1.0.7

Trust: 1.0

vendor: crestron | model: am-100 | scope: eq | version: 1.6.0.2

Trust: 1.0

vendor: blackbox | model: hd wireless presentation system | scope: eq | version: 1.0.0.5

Trust: 1.0

vendor: black box network services | model: hd wireless presentation system | scope: eq | version: 1.0.0.5

Trust: 0.8

vendor: crestron | model: airmedia am-100 | scope: eq | version: 1.6.0.2

Trust: 0.8

vendor: crestron | model: airmedia am-101 | scope: eq | version: 2.7.0.1

Trust: 0.8

vendor: teq avit | model: wips710 | scope: eq | version: 1.1.0.7

Trust: 0.8

sources: JVNDB: JVNDB-2019-004073 // NVD: CVE-2019-3929

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-3929
value: CRITICAL

Trust: 1.0

NVD: CVE-2019-3929
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201904-1386
value: CRITICAL

Trust: 0.6

VULHUB: VHN-155364
value: HIGH

Trust: 0.1

VULMON: CVE-2019-3929
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-3929
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-155364
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-3929
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2019-3929
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-155364 // VULMON: CVE-2019-3929 // JVNDB: JVNDB-2019-004073 // CNNVD: CNNVD-201904-1386 // NVD: CVE-2019-3929

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.1

problemtype:CWE-79

Trust: 1.0

problemtype:CWE-77

Trust: 0.9

sources: VULHUB: VHN-155364 // JVNDB: JVNDB-2019-004073 // NVD: CVE-2019-3929

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201904-1386

TYPE

operating system command injection

Trust: 0.6

sources: CNNVD: CNNVD-201904-1386

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004073

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-155364 // VULMON: CVE-2019-3929

PATCH

title: wePresent WiPG-1000 | url: https://www.barco.com/en/product/wepresent-wipg-1000

Trust: 0.8

title: wePresent WiPG-1600W | url: https://www.barco.com/en/product/wepresent-wipg-1600w

Trust: 0.8

title: Top Page | url: https://www.blackbox.com/en-us

Trust: 0.8

title: AM-100 | url: https://www.crestron.com/en-US/Products/Workspace-Solutions/Wireless-Presentation-Solutions/AirMedia-Presentation-Gateways/AM-100

Trust: 0.8

title: AM-101 | url: https://www.crestron.com/en-US/Products/Workspace-Solutions/Wireless-Presentation-Solutions/AirMedia-Presentation-Gateways/AM-101

Trust: 0.8

title: Top Page | url: https://www.extron.com/

Trust: 0.8

title: Top Page | url: https://www.infocus.com/

Trust: 0.8

title: WPS Pro | url: https://www.optoma.com/us/product/wps-pro/

Trust: 0.8

title: Top Page | url: https://www.teq-avit.com/

Trust: 0.8

title: PN-L703WA | url: https://jp.sharp/business/bigpad/lineup/pnl703wa/

Trust: 0.8

title: CVE-2019-3929 | url: https://github.com/xfox64x/CVE-2019-3929

Trust: 0.1

title: PoC-in-GitHub | url: https://github.com/developer3000S/PoC-in-GitHub

Trust: 0.1

title: CVE-POC | url: https://github.com/0xT11/CVE-POC

Trust: 0.1

title: PoC-in-GitHub | url: https://github.com/hectorgie/PoC-in-GitHub

Trust: 0.1

title: PoC-in-GitHub | url: https://github.com/nomi-sec/PoC-in-GitHub

Trust: 0.1

title: Threatpost | url: https://threatpost.com/bugs-wireless-presentation-systems/144318/

Trust: 0.1

sources: VULMON: CVE-2019-3929 // JVNDB: JVNDB-2019-004073

EXTERNAL IDS

db: NVD | id: CVE-2019-3929

Trust: 2.6

db: TENABLE | id: TRA-2019-20

Trust: 2.6

db: EXPLOIT-DB | id: 46786

Trust: 1.8

db: PACKETSTORM | id: 155948

Trust: 1.8

db: PACKETSTORM | id: 152715

Trust: 1.8

db: JVNDB | id: JVNDB-2019-004073

Trust: 0.8

db: CNNVD | id: CNNVD-201904-1386

Trust: 0.7

db: EXPLOIT-DB | id: 47924

Trust: 0.6

db: VULHUB | id: VHN-155364

Trust: 0.1

db: VULMON | id: CVE-2019-3929

Trust: 0.1

sources: VULHUB: VHN-155364 // VULMON: CVE-2019-3929 // JVNDB: JVNDB-2019-004073 // CNNVD: CNNVD-201904-1386 // NVD: CVE-2019-3929

REFERENCES

url:http://packetstormsecurity.com/files/152715/barco-awind-oem-presentation-platform-unauthenticated-remote-command-injection.html

Trust: 3.0

url:https://www.tenable.com/security/research/tra-2019-20

Trust: 2.6

url:https://www.exploit-db.com/exploits/46786/

Trust: 1.8

url:http://packetstormsecurity.com/files/155948/barco-wepresent-file_transfer.cgi-command-injection.html

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-3929

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3929

Trust: 0.8

url:https://www.exploit-db.com/exploits/46786

Trust: 0.7

url:https://www.exploit-db.com/exploits/47924

Trust: 0.6

url:https://packetstormsecurity.com/files/155948/barco-wepresent-file/transfer.cgi-command-injection.html

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/78.html

Trust: 0.1

url:https://github.com/xfox64x/cve-2019-3929

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-155364 // VULMON: CVE-2019-3929 // JVNDB: JVNDB-2019-004073 // CNNVD: CNNVD-201904-1386 // NVD: CVE-2019-3929

CREDITS

Jacob Baines

Trust: 0.6

sources: CNNVD: CNNVD-201904-1386

SOURCES

db: VULHUB | id: VHN-155364
db: VULMON | id: CVE-2019-3929
db: JVNDB | id: JVNDB-2019-004073
db: CNNVD | id: CNNVD-201904-1386
db: NVD | id: CVE-2019-3929

LAST UPDATE DATE

2024-11-23T21:37:29.364000+00:00


SOURCES UPDATE DATE

db: VULHUB | id: VHN-155364 | date: 2020-10-16T00:00:00
db: VULMON | id: CVE-2019-3929 | date: 2020-10-16T00:00:00
db: JVNDB | id: JVNDB-2019-004073 | date: 2019-05-27T00:00:00
db: CNNVD | id: CNNVD-201904-1386 | date: 2020-10-28T00:00:00
db: NVD | id: CVE-2019-3929 | date: 2024-11-21T04:42:53.067

SOURCES RELEASE DATE

db: VULHUB | id: VHN-155364 | date: 2019-04-30T00:00:00
db: VULMON | id: CVE-2019-3929 | date: 2019-04-30T00:00:00
db: JVNDB | id: JVNDB-2019-004073 | date: 2019-05-27T00:00:00
db: CNNVD | id: CNNVD-201904-1386 | date: 2019-04-30T00:00:00
db: NVD | id: CVE-2019-3929 | date: 2019-04-30T21:29:00.713