On AVTECH Room Alert 3E devices prior to 2.2.5, an attacker with access to the device's web interface may escalate privileges from an unauthenticated user to administrator by performing a cmd.cgi?action=ResetDefaults&src=RA reset and using the default credentials to get in.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
avtech room_alert_3e_firmware |