Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
crestron am-101 firmware 2.7.0.2 vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2019-3925
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to command injection via SNMP OID iso.3.6.1.4.1.3212.100.3.2.9.3. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
445
VMScore
CVE-2019-3928
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allow any user to obtain the presentation passcode via the iso.3.6.1.4.1.3212.100.3.2.7.4 OIDs. A remote, unauthenticated attacker can use this vulnerability to access a restricted presentation or to become th...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
801
VMScore
CVE-2019-3931
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to argumention injection to the curl binary via crafted HTTP requests to return.cgi. A remote, authenticated attacker can use this vulnerability to upload files to the device and ultimately exec...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
668
VMScore
CVE-2019-3932
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to authentication bypass due to a hard-coded password in return.tgi. A remote, unauthenticated attacker can use this vulnerability to control external devices via the uart_bridge.
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
445
VMScore
CVE-2019-3933
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code simply by requesting /images/browserslide.jpg via HTTP. A remote, unauthenticated attacker can use this vulnerability to watch a slideshow without knowing the acce...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
445
VMScore
CVE-2019-3934
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code sending a crafted HTTP POST request to login.cgi. A remote, unauthenticated attacker can use this vulnerability to download the current slide image without knowing...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
570
VMScore
CVE-2019-3935
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to act as a moderator to a slide show via crafted HTTP POST requests to conference.cgi. A remote, unauthenticated attacker can use this vulnerability to start, stop, and disconnect active slidesh...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
445
VMScore
CVE-2019-3936
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 is vulnerable to denial of service via a crafted request to TCP port 389. The request will force the slideshow to transition into a "stopped" state. A remote, unauthenticated attacker can use this vu...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
668
VMScore
CVE-2019-3939
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials admin/admin and moderator/moderator for the web interface. An unauthenticated, remote attacker can use these credentials to gain privileged access to the device.
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
890
VMScore
CVE-2019-3926
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to command injection via SNMP OID iso.3.6.1.4.1.3212.100.3.2.14.1. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »