virus logo Intrusion Prevention

AwindInc.SNMP.Service.Command.Injection

description-logoDescription

This indicates an attack attempt to exploit an Remote Code Execution Vulnerability in AwindInc products and its OEM'ed products.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted SNMP packet. A remote, unauthenticated attacker can exploit this to execute arbitrary code in the context of the server application.

affected-products-logoAffected Products

Crestron Airmedia AM-100 version 1.5.0.4 and prior
Crestron Airmedia AM-101 version 2.5.0.12 and prior
Awind WiPG-1600w version 2.0.1.8 and prior
Awind WiPG-2000d version 2.1.6.2 and prior
Barco wePresent 2000 version 2.1.5.7 and prior
Newline Trucast 2 version 2.1.0.5 and prior
Newline Trucast 3 version 2.1.3.7 and prior

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch or updates available for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-12-31 15.751 Default_action:pass:drop
2019-12-18 15.747
ID 48587
Created Dec 18, 2019
Updated Dec 30, 2019
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2017-16709
Exploit Prediction Score 69.84%
Default Action drop
Active
Affected OS Linux, BSD
Affected App Other