Vulnerability Details CVE-2019-3939
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials admin/admin and moderator/moderator for the web interface. An unauthenticated, remote attacker can use these credentials to gain privileged access to the device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.042
EPSS Ranking 88.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2019-3939
-
cpe:2.3:h:crestron:am-100:-
-
cpe:2.3:h:crestron:am-101:-
-
cpe:2.3:o:crestron:am-100_firmware:1.6.0.2
-
cpe:2.3:o:crestron:am-101_firmware:2.7.0.2