Crestron HD-MD4X2-4K-E version 1.0.0.2159 suffers from a credential disclosure vulnerability. When the administrative web interface of the Crestron HDMI switcher is accessed unauthenticated, user credentials are disclosed which are valid to authenticate to the web interface.
2cdcf800ce58540afa4f5cf6fc99e149ababce5250885bbed00e0cc15d0c8f70