Lucene search
K

8 matches found

Nuclei
Nuclei
added 2 days ago87 views

Crestron Device - Credentials Disclosure

An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname...

10CVSS7AI score0.75711EPSS
Exploits5References5
RedhatCVE
RedhatCVE
added 2025/05/22 10:27 p.m.8 views

CVE-2022-23178

An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname...

10CVSS6.8AI score0.75711EPSS
Exploits5References1
0day.today
0day.today
added 2022/01/18 12:0 a.m.283 views

Creston Web Interface 1.0.0.2159 - Credential Disclosure Vulnerability

Exploit Title: Creston Web Interface 1.0.0.2159 - Credential Disclosure Exploit Author: RedTeam Pentesting GmbH Advisory: Credential Disclosure in Web Interface of Crestron Device When the administrative web interface of the Crestron HDMI switcher is accessed unauthenticated, user credentials are...

10CVSS9.7AI score0.75711EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/01/18 12:0 a.m.340 views

Creston Web Interface 1.0.0.2159 - Credential Disclosure

Exploit Title: Creston Web Interface 1.0.0.2159 - Credential Disclosure Exploit Author: RedTeam Pentesting GmbH Advisory: Credential Disclosure in Web Interface of Crestron Device When the administrative web interface of the Crestron HDMI switcher is accessed unauthenticated, user credentials are...

10CVSS9.7AI score0.75711EPSS
Exploits5
Circl
Circl
added 2022/01/15 6:50 p.m.65 views

CVE-2022-23178

creationtimestamp| type| source ---|---|--- 2022-01-15 18:50:39+00:00| seen| https://t.me/cibsecurity/35645 2024-11-25 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-11-25 2024-11-29 00:00:00+00:00| exploited| The Shadowserver...

10CVSS7.3AI score0.75711EPSS
In wildExploits5References4
CVE
CVE
added 2022/01/15 2:40 p.m.113 views

CVE-2022-23178

CVE-2022-23178 affects Crestron HD-MD4X2-4K-E devices (firmware v1.0.0.2159). The unauthenticated admin web interface exposes credentials by sending a JSON payload with uname and upassword via aj.html, enabling login to the web interface. Impact is high (full authentication/password disclosure wi...

10CVSS9.3AI score0.75711EPSS
In wildExploits5References1Affected Software1
0day.today
0day.today
added 2022/01/13 12:0 a.m.489 views

Crestron HD-MD4X2-4K-E 1.0.0.2159 Credential Disclosure Vulnerability

Crestron HD-MD4X2-4K-E version 1.0.0.2159 suffers from a credential disclosure vulnerability. When the administrative web interface of the Crestron HDMI switcher is accessed unauthenticated, user credentials are disclosed which are valid to authenticate to the web interface. Credential Disclosure...

10CVSS0.3AI score0.75711EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/01/12 12:0 a.m.351 views

Crestron HD-MD4X2-4K-E 1.0.0.2159 Credential Disclosure

Advisory: Credential Disclosure in Web Interface of Crestron Device When the administrative web interface of the Crestron HDMI switcher is accessed unauthenticated, user credentials are disclosed which are valid to authenticate to the web interface. Details ======= Product: Crestron HD-MD4X2-4K-E...

9.7AI score0.75711EPSS
Exploits5
Rows per page
Query Builder