Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
crestron vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-3927
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 anyone can change the administrator and moderator passwords via the iso.3.6.1.4.1.3212.100.3.2.8.1 and iso.3.6.1.4.1.3212.100.3.2.8.2 OIDs. A remote, unauthenticated attacker can use this vulnerability to chan...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
5
CVSSv2
CVE-2019-3928
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allow any user to obtain the presentation passcode via the iso.3.6.1.4.1.3212.100.3.2.7.4 OIDs. A remote, unauthenticated attacker can use this vulnerability to access a restricted presentation or to become th...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
9
CVSSv2
CVE-2019-3931
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to argumention injection to the curl binary via crafted HTTP requests to return.cgi. A remote, authenticated attacker can use this vulnerability to upload files to the device and ultimately exec...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
5
CVSSv2
CVE-2019-3933
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code simply by requesting /images/browserslide.jpg via HTTP. A remote, unauthenticated attacker can use this vulnerability to watch a slideshow without knowing the acce...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
2.1
CVSSv2
CVE-2019-3937
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, slideshow passcode, and other configuration options in cleartext in the file /tmp/scfgdndf. A local attacker can use this vulnerability to recover sensitive data.
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
7.5
CVSSv2
CVE-2019-3932
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to authentication bypass due to a hard-coded password in return.tgi. A remote, unauthenticated attacker can use this vulnerability to control external devices via the uart_bridge.
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
5
CVSSv2
CVE-2019-3934
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code sending a crafted HTTP POST request to login.cgi. A remote, unauthenticated attacker can use this vulnerability to download the current slide image without knowing...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
6.4
CVSSv2
CVE-2019-3935
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to act as a moderator to a slide show via crafted HTTP POST requests to conference.cgi. A remote, unauthenticated attacker can use this vulnerability to start, stop, and disconnect active slidesh...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
5
CVSSv2
CVE-2019-3936
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 is vulnerable to denial of service via a crafted request to TCP port 389. The request will force the slideshow to transition into a "stopped" state. A remote, unauthenticated attacker can use this vu...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
5
CVSSv2
CVE-2020-16839
On Crestron DM-NVX-DIR, DM-NVX-DIR80, and DM-NVX-ENT devices before the DM-XIO/1-0-3-802 patch, the password can be changed by sending an unauthenticated WebSocket request.
Crestron Dm-nvx-dir-80 Firmware 1.0.1.788
Crestron Dm-nvx-dir-160 Firmware 1.0.1.788
Crestron Dm-nvx-dir-ent Firmware 1.0.1.788
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »