cvelistv5 - cve-2019-3930

cve-2019-3930

Vulnerability from cvelistv5

Published

2019-04-30 20:25

Modified

2024-08-04 19:26

Severity ?

Summary

References

▼	URL	Tags
	vulnreport@tenable.com	https://www.tenable.com/security/research/tra-2019-20	Exploit, Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.tenable.com/security/research/tra-2019-20	Exploit, Third Party Advisory

Impacted products

	Vendor	Product	Version
	Crestron	Crestron AirMedia, Barco WePresent, Extron ShareLink, Teq AV IT WIPS710, SHARP PN-L703WA, Optoma WPS-Pro, Blackbox HD WPS, InFocus LiteShow3, and InFocus LiteShow4.	Version: Crestron AM-100 firmware 1.6.0.2 Version: Crestron AM-101 firmware 2.7.0.1 Version: Barco wePresent WiPG-1000P firmware 2.3.0.10 Version: Barco wePresent WiPG-1600W before firmware 2.4.1.19 Version: Extron ShareLink 200/250 firmware 2.0.3.4 Version: Teq AV IT WIPS710 firmware 1.1.0.7 Version: SHARP PN-L703WA firmware 1.4.2.3 Version: Optoma WPS-Pro firmware 1.0.0.5 Version: Blackbox HD WPS firmware 1.0.0.5 Version: InFocus LiteShow3 firmware 1.0.16 Version: and InFocus LiteShow4 2.0.0.7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T19:26:27.743Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/research/tra-2019-20"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Crestron AirMedia, Barco WePresent, Extron ShareLink, Teq AV IT WIPS710, SHARP PN-L703WA, Optoma WPS-Pro, Blackbox HD WPS, InFocus LiteShow3, and InFocus LiteShow4.",
          "vendor": "Crestron",
          "versions": [
            {
              "status": "affected",
              "version": "Crestron AM-100 firmware 1.6.0.2"
            },
            {
              "status": "affected",
              "version": "Crestron AM-101 firmware 2.7.0.1"
            },
            {
              "status": "affected",
              "version": "Barco wePresent WiPG-1000P firmware 2.3.0.10"
            },
            {
              "status": "affected",
              "version": "Barco wePresent WiPG-1600W before firmware 2.4.1.19"
            },
            {
              "status": "affected",
              "version": "Extron ShareLink 200/250 firmware 2.0.3.4"
            },
            {
              "status": "affected",
              "version": "Teq AV IT WIPS710 firmware 1.1.0.7"
            },
            {
              "status": "affected",
              "version": "SHARP PN-L703WA firmware 1.4.2.3"
            },
            {
              "status": "affected",
              "version": "Optoma WPS-Pro firmware 1.0.0.5"
            },
            {
              "status": "affected",
              "version": "Blackbox HD WPS firmware 1.0.0.5"
            },
            {
              "status": "affected",
              "version": "InFocus LiteShow3 firmware 1.0.16"
            },
            {
              "status": "affected",
              "version": "and InFocus LiteShow4 2.0.0.7"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so\u0027s PARSERtoCHAR function. A remote, unauthenticated attacker can use this vulnerability to execute arbitrary code as root via a crafted request to the return.cgi endpoint."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-30T20:25:56",
        "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
        "shortName": "tenable"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.tenable.com/security/research/tra-2019-20"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vulnreport@tenable.com",
          "ID": "CVE-2019-3930",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Crestron AirMedia, Barco WePresent, Extron ShareLink, Teq AV IT WIPS710, SHARP PN-L703WA, Optoma WPS-Pro, Blackbox HD WPS, InFocus LiteShow3, and InFocus LiteShow4.",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Crestron AM-100 firmware 1.6.0.2"
                          },
                          {
                            "version_value": "Crestron AM-101 firmware 2.7.0.1"
                          },
                          {
                            "version_value": "Barco wePresent WiPG-1000P firmware 2.3.0.10"
                          },
                          {
                            "version_value": "Barco wePresent WiPG-1600W before firmware 2.4.1.19"
                          },
                          {
                            "version_value": "Extron ShareLink 200/250 firmware 2.0.3.4"
                          },
                          {
                            "version_value": "Teq AV IT WIPS710 firmware 1.1.0.7"
                          },
                          {
                            "version_value": "SHARP PN-L703WA firmware 1.4.2.3"
                          },
                          {
                            "version_value": "Optoma WPS-Pro firmware 1.0.0.5"
                          },
                          {
                            "version_value": "Blackbox HD WPS firmware 1.0.0.5"
                          },
                          {
                            "version_value": "InFocus LiteShow3 firmware 1.0.16"
                          },
                          {
                            "version_value": "and InFocus LiteShow4 2.0.0.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Crestron"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so\u0027s PARSERtoCHAR function. A remote, unauthenticated attacker can use this vulnerability to execute arbitrary code as root via a crafted request to the return.cgi endpoint."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-121 Stack-based Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.tenable.com/security/research/tra-2019-20",
              "refsource": "MISC",
              "url": "https://www.tenable.com/security/research/tra-2019-20"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
    "assignerShortName": "tenable",
    "cveId": "CVE-2019-3930",
    "datePublished": "2019-04-30T20:25:56",
    "dateReserved": "2019-01-03T00:00:00",
    "dateUpdated": "2024-08-04T19:26:27.743Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-3930\",\"sourceIdentifier\":\"vulnreport@tenable.com\",\"published\":\"2019-04-30T21:29:00.777\",\"lastModified\":\"2024-11-21T04:42:53.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so\u0027s PARSERtoCHAR function. A remote, unauthenticated attacker can use this vulnerability to execute arbitrary code as root via a crafted request to the return.cgi endpoint.\"},{\"lang\":\"es\",\"value\":\"El firmware Crestron AM-100 versi\u00f3n 1.6.0.2, el firmware Crestron AM-101 versi\u00f3n 2.7.0.1, Barco wePresent WiPG-1000P firmware versi\u00f3n 2.3.0.10, Barco wePresent WiPG-1600W antes del firmware versi\u00f3n 2.4.1.19, Extron ShareLink 200/250 firmware versi\u00f3n 2.0.3.4, Teq AV IT WIPS710 firmware versi\u00f3n 1.1.0.7, SHARP PN-L703WA firmware versi\u00f3n 1.4.2.3, Optoma WPS-Pro firmware versi\u00f3n 1.0.0.5, Blackbox HD WPS firmware versi\u00f3n 1.0.0.5, InFocus LiteShow3 firmware versi\u00f3n 1.0.16 e InFocus LiteShow4 versi\u00f3n 2.0.0.7 son vulnerables a un desbordamiento de b\u00fafer de pila en la funci\u00f3n PARSERtoCHAR de libAwgCgi.so. Un atacante remoto no autenticado puede usar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario como root por medio de una petici\u00f3n creada para el endpoint return.cgi.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"vulnreport@tenable.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-121\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"913135BE-8FB4-40BA-85D8-AD0F824493C3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"081E2B1B-027D-4846-8C61-54CE2D668CD0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AC584E7-9159-48E8-B499-F5CA68663503\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0AB0523-6EFF-4C78-A8BA-B2764DBB04D0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:barco:wepresent_wipg-1000p_firmware:2.3.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4102ECBE-C362-4D67-A8B8-E0C796991A05\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:barco:wepresent_wipg-1000p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CA49409-DD7A-443C-9C64-F7FC02AD572F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:barco:wepresent_wipg-1600w_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.4.1.19\",\"matchCriteriaId\":\"CC11E306-2039-4981-B0DE-F0E086E82A99\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:barco:wepresent_wipg-1600w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6EDF943-F79F-4729-A15C-BEDFDAC42EA3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:extron:sharelink_200_firmware:2.0.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2A958C1-D420-4686-B16A-9F894D9D546B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:extron:sharelink_200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9052908E-4A0A-4462-9054-FF8B81BE61AD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:extron:sharelink_250_firmware:2.0.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4452FE8E-2FF1-4920-BE15-EDB36865E436\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:extron:sharelink_250:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D0429EC-69E4-40DF-8F58-92C14B1EE30F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:teqavit:wips710_firmware:1.1.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30DE4653-931B-4EE4-997C-EDE3B4FD1103\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:teqavit:wips710:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C065DAA-CCAD-4551-A6D3-61A714EBEC2A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sharp:pn-l703wa_firmware:1.4.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B378214-4F0E-4365-92B4-A1C1CA1BF8E9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:sharp:pn-l703wa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"515FE3BB-C5C9-496C-A002-E5687D5D2B00\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:optoma:wps-pro_firmware:1.0.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B85EAE85-7C54-4B93-96BA-72FCB1CFA94F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:optoma:wps-pro:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2033CAD9-390C-4AA4-A05E-951849AB16E8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:blackbox:hd_wireless_presentation_system_firmware:1.0.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2143F71D-47D5-4630-B1CF-74824682523C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:blackbox:hd_wireless_presentation_system:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5722F58-47BA-4430-8F92-FA56348FD4A9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:infocus:liteshow3_firmware:1.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A31899CB-CC41-446A-AB84-40D2BDED1F30\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:infocus:liteshow3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E81DF5B-9FD1-44E7-B23D-639ACAD4EED0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:infocus:liteshow4_firmware:2.0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D361E8D9-377E-4DBB-BFAC-35CB4333A6EB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:infocus:liteshow4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76B7C16D-C7D8-4502-B466-1D6A0183527A\"}]}]}],\"references\":[{\"url\":\"https://www.tenable.com/security/research/tra-2019-20\",\"source\":\"vulnreport@tenable.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/research/tra-2019-20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}

The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so's PARSERtoCHAR function. A remote, unauthenticated attacker can use this vulnerability to execute arbitrary code as root via a crafted request to the return.cgi endpoint. Crestron AM-100 Firmware and other products have a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. A buffer error vulnerability exists in the 'PARSERtoCHAR' function of the libAwgCgi.so file in several routers. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201904-0321",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wepresent wipg-1000p",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "barco",
        "version": "2.3.0.10"
      },
      {
        "model": "wepresent wipg-1600w",
        "scope": "lt",
        "trust": 1.8,
        "vendor": "barco",
        "version": "2.4.1.19"
      },
      {
        "model": "sharelink 200",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "extron",
        "version": "2.0.3.4"
      },
      {
        "model": "sharelink 250",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "extron",
        "version": "2.0.3.4"
      },
      {
        "model": "liteshow3",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "infocus",
        "version": "1.0.16"
      },
      {
        "model": "liteshow4",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "infocus",
        "version": "2.0.0.7"
      },
      {
        "model": "wps-pro",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "optoma",
        "version": "1.0.0.5"
      },
      {
        "model": "pn-l703wa",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "sharp",
        "version": "1.4.2.3"
      },
      {
        "model": "am-101",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "crestron",
        "version": "2.7.0.2"
      },
      {
        "model": "wips710",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "teqavit",
        "version": "1.1.0.7"
      },
      {
        "model": "am-100",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "crestron",
        "version": "1.6.0.2"
      },
      {
        "model": "hd wireless presentation system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "blackbox",
        "version": "1.0.0.5"
      },
      {
        "model": "hd wireless presentation system",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "black box network services",
        "version": "1.0.0.5"
      },
      {
        "model": "airmedia am-100",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "crestron",
        "version": "1.6.0.2"
      },
      {
        "model": "airmedia am-101",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "crestron",
        "version": "2.7.0.1"
      },
      {
        "model": "wips710",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "teq avit",
        "version": "1.1.0.7"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004039"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-3930"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:barco:wepresent_wipg-1000p_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:barco:wepresent_wipg-1600w_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:blackbox:hd_wireless_presentation_system_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:crestron:airmedia_am-100_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:crestron:airmedia_am-101_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:extron:sharelink_200_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:extron:sharelink_250_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:infocus:liteshow3_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:infocus:liteshow4_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:optoma:wps-pro_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:teqavit:wips710_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:sharp:pn-l703wa_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004039"
      }
    ]
  },
  "cve": "CVE-2019-3930",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2019-3930",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-155365",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-3930",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2019-3930",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-3930",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-3930",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201904-1388",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-155365",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2019-3930",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-155365"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-3930"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004039"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-1388"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-3930"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so\u0027s PARSERtoCHAR function. A remote, unauthenticated attacker can use this vulnerability to execute arbitrary code as root via a crafted request to the return.cgi endpoint. Crestron AM-100 Firmware and other products have a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. A buffer error vulnerability exists in the \u0027PARSERtoCHAR\u0027 function of the libAwgCgi.so file in several routers. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-3930"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004039"
      },
      {
        "db": "VULHUB",
        "id": "VHN-155365"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-3930"
      }
    ],
    "trust": 1.8
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-3930",
        "trust": 2.6
      },
      {
        "db": "TENABLE",
        "id": "TRA-2019-20",
        "trust": 2.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004039",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-1388",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-155365",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-3930",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-155365"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-3930"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004039"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-1388"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-3930"
      }
    ]
  },
  "id": "VAR-201904-0321",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-155365"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T21:37:29.184000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "wePresent WiPG-1000",
        "trust": 0.8,
        "url": "https://www.barco.com/en/product/wepresent-wipg-1000"
      },
      {
        "title": "wePresent WiPG-1600W",
        "trust": 0.8,
        "url": "https://www.barco.com/en/product/wepresent-wipg-1600w"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "https://www.blackbox.com/en-us"
      },
      {
        "title": "AM-100",
        "trust": 0.8,
        "url": "https://www.crestron.com/en-US/Products/Workspace-Solutions/Wireless-Presentation-Solutions/AirMedia-Presentation-Gateways/AM-100"
      },
      {
        "title": "AM-101",
        "trust": 0.8,
        "url": "https://www.crestron.com/en-US/Products/Workspace-Solutions/Wireless-Presentation-Solutions/AirMedia-Presentation-Gateways/AM-101"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "https://www.extron.com/"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "https://www.infocus.com/"
      },
      {
        "title": "WPS Pro",
        "trust": 0.8,
        "url": "https://www.optoma.com/us/product/wps-pro/"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "https://www.teq-avit.com/"
      },
      {
        "title": "PN-L703WA",
        "trust": 0.8,
        "url": "https://jp.sharp/business/bigpad/lineup/pnl703wa/"
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/bugs-wireless-presentation-systems/144318/"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2019-3930"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004039"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-121",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-119",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-155365"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004039"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-3930"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "https://www.tenable.com/security/research/tra-2019-20"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-3930"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3930"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/787.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://threatpost.com/bugs-wireless-presentation-systems/144318/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-155365"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-3930"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004039"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-1388"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-3930"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-155365"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-3930"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004039"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-1388"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-3930"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-04-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-155365"
      },
      {
        "date": "2019-04-30T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-3930"
      },
      {
        "date": "2019-05-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004039"
      },
      {
        "date": "2019-04-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201904-1388"
      },
      {
        "date": "2019-04-30T21:29:00.777000",
        "db": "NVD",
        "id": "CVE-2019-3930"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-10-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-155365"
      },
      {
        "date": "2020-10-16T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-3930"
      },
      {
        "date": "2019-05-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004039"
      },
      {
        "date": "2020-10-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201904-1388"
      },
      {
        "date": "2024-11-21T04:42:53.220000",
        "db": "NVD",
        "id": "CVE-2019-3930"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-1388"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Crestron AM-100 Buffer error vulnerability in products such as firmware",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004039"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-1388"
      }
    ],
    "trust": 0.6
  }
}

fkie_cve-2019-3930

Vulnerability from fkie_nvd

Published

2019-04-30 21:29

Modified

2024-11-21 04:42

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

▼	URL	Tags
	vulnreport@tenable.com	https://www.tenable.com/security/research/tra-2019-20	Exploit, Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.tenable.com/security/research/tra-2019-20	Exploit, Third Party Advisory

Impacted products

Vendor	Product	Version
crestron	am-100_firmware	1.6.0.2
crestron	am-100	-
crestron	am-101_firmware	2.7.0.2
crestron	am-101	-
barco	wepresent_wipg-1000p_firmware	2.3.0.10
barco	wepresent_wipg-1000p	-
barco	wepresent_wipg-1600w_firmware	*
barco	wepresent_wipg-1600w	-
extron	sharelink_200_firmware	2.0.3.4
extron	sharelink_200	-
extron	sharelink_250_firmware	2.0.3.4
extron	sharelink_250	-
teqavit	wips710_firmware	1.1.0.7
teqavit	wips710	-
sharp	pn-l703wa_firmware	1.4.2.3
sharp	pn-l703wa	-
optoma	wps-pro_firmware	1.0.0.5
optoma	wps-pro	-
blackbox	hd_wireless_presentation_system_firmware	1.0.0.5
blackbox	hd_wireless_presentation_system	-
infocus	liteshow3_firmware	1.0.16
infocus	liteshow3	-
infocus	liteshow4_firmware	2.0.0.7
infocus	liteshow4	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "913135BE-8FB4-40BA-85D8-AD0F824493C3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "081E2B1B-027D-4846-8C61-54CE2D668CD0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AC584E7-9159-48E8-B499-F5CA68663503",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0AB0523-6EFF-4C78-A8BA-B2764DBB04D0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:barco:wepresent_wipg-1000p_firmware:2.3.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "4102ECBE-C362-4D67-A8B8-E0C796991A05",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:barco:wepresent_wipg-1000p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CA49409-DD7A-443C-9C64-F7FC02AD572F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:barco:wepresent_wipg-1600w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC11E306-2039-4981-B0DE-F0E086E82A99",
              "versionEndExcluding": "2.4.1.19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:barco:wepresent_wipg-1600w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6EDF943-F79F-4729-A15C-BEDFDAC42EA3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:extron:sharelink_200_firmware:2.0.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2A958C1-D420-4686-B16A-9F894D9D546B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:extron:sharelink_200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9052908E-4A0A-4462-9054-FF8B81BE61AD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:extron:sharelink_250_firmware:2.0.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4452FE8E-2FF1-4920-BE15-EDB36865E436",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:extron:sharelink_250:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D0429EC-69E4-40DF-8F58-92C14B1EE30F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:teqavit:wips710_firmware:1.1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "30DE4653-931B-4EE4-997C-EDE3B4FD1103",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:teqavit:wips710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C065DAA-CCAD-4551-A6D3-61A714EBEC2A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sharp:pn-l703wa_firmware:1.4.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B378214-4F0E-4365-92B4-A1C1CA1BF8E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sharp:pn-l703wa:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "515FE3BB-C5C9-496C-A002-E5687D5D2B00",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:optoma:wps-pro_firmware:1.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85EAE85-7C54-4B93-96BA-72FCB1CFA94F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:optoma:wps-pro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2033CAD9-390C-4AA4-A05E-951849AB16E8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:blackbox:hd_wireless_presentation_system_firmware:1.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2143F71D-47D5-4630-B1CF-74824682523C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:blackbox:hd_wireless_presentation_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5722F58-47BA-4430-8F92-FA56348FD4A9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:infocus:liteshow3_firmware:1.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "A31899CB-CC41-446A-AB84-40D2BDED1F30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:infocus:liteshow3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E81DF5B-9FD1-44E7-B23D-639ACAD4EED0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:infocus:liteshow4_firmware:2.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D361E8D9-377E-4DBB-BFAC-35CB4333A6EB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:infocus:liteshow4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76B7C16D-C7D8-4502-B466-1D6A0183527A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so\u0027s PARSERtoCHAR function. A remote, unauthenticated attacker can use this vulnerability to execute arbitrary code as root via a crafted request to the return.cgi endpoint."
    },
    {
      "lang": "es",
      "value": "El firmware Crestron AM-100 versi\u00f3n 1.6.0.2, el firmware Crestron AM-101 versi\u00f3n 2.7.0.1, Barco wePresent WiPG-1000P firmware versi\u00f3n 2.3.0.10, Barco wePresent WiPG-1600W antes del firmware versi\u00f3n 2.4.1.19, Extron ShareLink 200/250 firmware versi\u00f3n 2.0.3.4, Teq AV IT WIPS710 firmware versi\u00f3n 1.1.0.7, SHARP PN-L703WA firmware versi\u00f3n 1.4.2.3, Optoma WPS-Pro firmware versi\u00f3n 1.0.0.5, Blackbox HD WPS firmware versi\u00f3n 1.0.0.5, InFocus LiteShow3 firmware versi\u00f3n 1.0.16 e InFocus LiteShow4 versi\u00f3n 2.0.0.7 son vulnerables a un desbordamiento de b\u00fafer de pila en la funci\u00f3n PARSERtoCHAR de libAwgCgi.so. Un atacante remoto no autenticado puede usar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario como root por medio de una petici\u00f3n creada para el endpoint return.cgi."
    }
  ],
  "id": "CVE-2019-3930",
  "lastModified": "2024-11-21T04:42:53.220",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-04-30T21:29:00.777",
  "references": [
    {
      "source": "vulnreport@tenable.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/research/tra-2019-20"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/research/tra-2019-20"
    }
  ],
  "sourceIdentifier": "vulnreport@tenable.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "vulnreport@tenable.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-xp69-2936-4v92

Vulnerability from github

Published

2022-05-24 16:44

Modified

2022-05-24 16:44

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-3930"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-04-30T21:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so\u0027s PARSERtoCHAR function. A remote, unauthenticated attacker can use this vulnerability to execute arbitrary code as root via a crafted request to the return.cgi endpoint.",
  "id": "GHSA-xp69-2936-4v92",
  "modified": "2022-05-24T16:44:59Z",
  "published": "2022-05-24T16:44:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3930"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/research/tra-2019-20"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2019-3930

Vulnerability from gsd

Modified

2023-12-13 01:24

Details

Aliases

CVE-2019-3930

Aliases

CVE-2019-3930

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-3930",
    "description": "The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so\u0027s PARSERtoCHAR function. A remote, unauthenticated attacker can use this vulnerability to execute arbitrary code as root via a crafted request to the return.cgi endpoint.",
    "id": "GSD-2019-3930"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-3930"
      ],
      "details": "The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so\u0027s PARSERtoCHAR function. A remote, unauthenticated attacker can use this vulnerability to execute arbitrary code as root via a crafted request to the return.cgi endpoint.",
      "id": "GSD-2019-3930",
      "modified": "2023-12-13T01:24:04.739020Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "vulnreport@tenable.com",
        "ID": "CVE-2019-3930",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Crestron AirMedia, Barco WePresent, Extron ShareLink, Teq AV IT WIPS710, SHARP PN-L703WA, Optoma WPS-Pro, Blackbox HD WPS, InFocus LiteShow3, and InFocus LiteShow4.",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Crestron AM-100 firmware 1.6.0.2"
                        },
                        {
                          "version_value": "Crestron AM-101 firmware 2.7.0.1"
                        },
                        {
                          "version_value": "Barco wePresent WiPG-1000P firmware 2.3.0.10"
                        },
                        {
                          "version_value": "Barco wePresent WiPG-1600W before firmware 2.4.1.19"
                        },
                        {
                          "version_value": "Extron ShareLink 200/250 firmware 2.0.3.4"
                        },
                        {
                          "version_value": "Teq AV IT WIPS710 firmware 1.1.0.7"
                        },
                        {
                          "version_value": "SHARP PN-L703WA firmware 1.4.2.3"
                        },
                        {
                          "version_value": "Optoma WPS-Pro firmware 1.0.0.5"
                        },
                        {
                          "version_value": "Blackbox HD WPS firmware 1.0.0.5"
                        },
                        {
                          "version_value": "InFocus LiteShow3 firmware 1.0.16"
                        },
                        {
                          "version_value": "and InFocus LiteShow4 2.0.0.7"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Crestron"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so\u0027s PARSERtoCHAR function. A remote, unauthenticated attacker can use this vulnerability to execute arbitrary code as root via a crafted request to the return.cgi endpoint."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-121 Stack-based Buffer Overflow"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.tenable.com/security/research/tra-2019-20",
            "refsource": "MISC",
            "url": "https://www.tenable.com/security/research/tra-2019-20"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:crestron:am-100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:crestron:am-101_firmware:2.7.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:crestron:am-101:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:barco:wepresent_wipg-1000p_firmware:2.3.0.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:barco:wepresent_wipg-1000p:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:barco:wepresent_wipg-1600w_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2.4.1.19",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:barco:wepresent_wipg-1600w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:extron:sharelink_200_firmware:2.0.3.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:extron:sharelink_200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:extron:sharelink_250_firmware:2.0.3.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:extron:sharelink_250:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:teqavit:wips710_firmware:1.1.0.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:teqavit:wips710:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:sharp:pn-l703wa_firmware:1.4.2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:sharp:pn-l703wa:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:optoma:wps-pro_firmware:1.0.0.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:optoma:wps-pro:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:blackbox:hd_wireless_presentation_system_firmware:1.0.0.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:blackbox:hd_wireless_presentation_system:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:infocus:liteshow3_firmware:1.0.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:infocus:liteshow3:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:infocus:liteshow4_firmware:2.0.0.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:infocus:liteshow4:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "vulnreport@tenable.com",
          "ID": "CVE-2019-3930"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so\u0027s PARSERtoCHAR function. A remote, unauthenticated attacker can use this vulnerability to execute arbitrary code as root via a crafted request to the return.cgi endpoint."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.tenable.com/security/research/tra-2019-20",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://www.tenable.com/security/research/tra-2019-20"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2020-10-16T18:30Z",
      "publishedDate": "2019-04-30T21:29Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2019-3930

Vulnerability from cvelistv5

var-201904-0321

Vulnerability from variot

fkie_cve-2019-3930

Vulnerability from fkie_nvd

ghsa-xp69-2936-4v92

Vulnerability from github

gsd-2019-3930

Vulnerability from gsd

Tags

Sightings

Nomenclature