module
AwindInc SNMP Service Command Injection
| Disclosed |
|---|
| Mar 27, 2019 |
Disclosed
Mar 27, 2019
Description
This module exploits a vulnerability found in AwindInc and OEM'ed products where untrusted inputs are fed to ftpfw.sh system command, leading to command injection.
A valid SNMP read-write community is required to exploit this vulnerability.
The following devices are known to be affected by this issue:
* Crestron Airmedia AM-100 * Crestron Airmedia AM-101 * Awind WiPG-1600w * Awind WiPG-2000d * Barco wePresent 2000 * Newline Trucast 2 * Newline Trucast 3
A valid SNMP read-write community is required to exploit this vulnerability.
The following devices are known to be affected by this issue:
* Crestron Airmedia AM-100 * Crestron Airmedia AM-101 * Awind WiPG-1600w * Awind WiPG-2000d * Barco wePresent 2000 * Newline Trucast 2 * Newline Trucast 3
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.