Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, slideshow passcode, and other configuration options in cleartext in the file /tmp/scfgdndf. A local attacker can use this vulnerability to recover sensitive data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
crestron am-100_firmware 1.6.0.2 |
||
crestron am-101_firmware 2.7.0.2 |