Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
crestron am-101 firmware 2.7.0.2 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-3925
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to command injection via SNMP OID iso.3.6.1.4.1.3212.100.3.2.9.3. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
9.8
CVSSv3
CVE-2019-3926
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to command injection via SNMP OID iso.3.6.1.4.1.3212.100.3.2.14.1. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
7.8
CVSSv3
CVE-2019-3937
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, slideshow passcode, and other configuration options in cleartext in the file /tmp/scfgdndf. A local attacker can use this vulnerability to recover sensitive data.
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
9.8
CVSSv3
CVE-2019-3939
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials admin/admin and moderator/moderator for the web interface. An unauthenticated, remote attacker can use these credentials to gain privileged access to the device.
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
9.8
CVSSv3
CVE-2019-3932
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to authentication bypass due to a hard-coded password in return.tgi. A remote, unauthenticated attacker can use this vulnerability to control external devices via the uart_bridge.
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
5.3
CVSSv3
CVE-2019-3928
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allow any user to obtain the presentation passcode via the iso.3.6.1.4.1.3212.100.3.2.7.4 OIDs. A remote, unauthenticated attacker can use this vulnerability to access a restricted presentation or to become th...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
5.3
CVSSv3
CVE-2019-3933
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code simply by requesting /images/browserslide.jpg via HTTP. A remote, unauthenticated attacker can use this vulnerability to watch a slideshow without knowing the acce...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
9.1
CVSSv3
CVE-2019-3935
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to act as a moderator to a slide show via crafted HTTP POST requests to conference.cgi. A remote, unauthenticated attacker can use this vulnerability to start, stop, and disconnect active slidesh...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
5.3
CVSSv3
CVE-2019-3934
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code sending a crafted HTTP POST request to login.cgi. A remote, unauthenticated attacker can use this vulnerability to download the current slide image without knowing...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
8.8
CVSSv3
CVE-2019-3931
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to argumention injection to the curl binary via crafted HTTP requests to return.cgi. A remote, authenticated attacker can use this vulnerability to upload files to the device and ultimately exec...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »