8 matches found
CVE-2019-3929
The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pr...
Barco WePresent - file_transfer.cgi Command Injection Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Barco WePresent filetransfer.cgi Command Injection", 'Description' = %q This module exploits an unauthenticated remote command injection...
Barco WePresent - file_transfer.cgi Command Injection (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Barco WePresent filetransfer.cgi Command Injection", 'Description' = %q This module exploits an unauthenticated remote command injection...
Barco WePresent file_transfer.cgi Command Injection
This module exploits an unauthenticated remote command injection vulnerability found in Barco WePresent and related OEM'ed products. The vulnerability is triggered via an HTTP POST request to the filetransfer.cgi endpoint. This module requires Metasploit: https://metasploit.com/download Current...
CVE-2019-3929
creationtimestamp| type| source ---|---|--- 2019-12-17 14:15:18+00:00| seen| MISP/5df8e293-8fe4-4dc0-a0c4-4c3502de0b81 2020-01-14 14:39:17+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/wepresentcmdinjection.rb 2020-01-15 00:00:00+00:00|...
Barco/AWIND OEM Presentation Platform Unauthenticated Remote Command Injection
Exploit Title: Barco/AWIND OEM Presentation Platform Unauthenticated Remote Command Injection Date: 05/01/2019 Exploit Author: Jacob Baines Tested on: Crestron AM-100 1.6.0.2 CVE : CVE-2019-3929 PoC Video: https://www.youtube.com/watch?v=q-PIjnPcu2k Advisory:...
Crestron AM/Barco wePresent WiPG/Extron ShareLink/Teq AV IT/SHARP PN-L703WA/Optoma WPS-Pro/Blackbox HD WPS/InFocus LiteShow - Remote Command Injection
Exploit Title: Barco/AWIND OEM Presentation Platform Unauthenticated Remote Command Injection Date: 05/01/2019 Exploit Author: Jacob Baines Tested on: Crestron AM-100 1.6.0.2 CVE : CVE-2019-3929 PoC Video: https://www.youtube.com/watch?v=q-PIjnPcu2k Advisory:...
CVE-2019-3929
CVE-2019-3929 is a remote, unauthenticated command-injection vulnerability exploitable via the file_transfer.cgi HTTP endpoint. Affected devices include Crestron AM-100 (firmware 1.6.0.2) and AM-101 (2.7.0.1); Barco wePresent WiPG-1000P (2.3.0.10) and WiPG-1600W prior to 2.4.1.19; Extron ShareLin...