Critical severity9.8NVD Advisory· Published Jan 15, 2022· Updated Jun 17, 2026
CVE-2022-23178
CVE-2022-23178
Description
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname and upassword fields.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Crestron/HD-MD4X2-4K-Edescription
- Range: = 1.0.0.2159
Patches
Vulnerability mechanics
References
1- www.redteam-pentesting.de/advisories/rt-sa-2021-009nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.