Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
crestron vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2018-13341
Crestron TSW-X60 all versions before 2.001.0037.001 and MC3 all versions before 1.502.0047.00, The passwords for special sudo accounts may be calculated using information accessible to those with regular user privileges. Attackers could decipher these passwords, which may allow t...
Crestron Tsw-x60 Firmware
Crestron Mc3 Firmware
2 Github repositories
3.5
CVSSv2
CVE-2017-16710
Cross-site scripting (XSS) vulnerability in Crestron Airmedia AM-100 devices with firmware prior to 1.6.0 and AM-101 devices with firmware prior to 2.7.0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Crestron Airmedia Am-100 Firmware
Crestron Airmedia Am-101 Firmware
2.1
CVSSv2
CVE-2019-3937
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, slideshow passcode, and other configuration options in cleartext in the file /tmp/scfgdndf. A local attacker can use this vulnerability to recover sensitive data.
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
2.1
CVSSv2
CVE-2019-3938
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, and other configuration options in the file generated via the "export configuration" feature. The configuration file is encrypted using the awenc binary. The same binary ...
Crestron Am-100 Firmware 1.6.0.2
Crestron Am-101 Firmware 2.7.0.2
NA
CVE-2023-6926
There is an OS command injection vulnerability in Crestron AM-300 firmware version 1.4499.00018 which may enable a user of a limited-access SSH session to escalate their privileges to root-level access.
Crestron Am-300 Firmware 1.4499.00018
NA
CVE-2023-38405
On Crestron 3-Series Control Systems prior to 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash.
Crestron Cp3n 6505417 Firmware
Crestron Cp3 6504877 Firmware
Crestron Cp3-gv 6506034 Firmware
NA
CVE-2022-40298
Crestron AirMedia for Windows prior to 5.5.1.84 has insecure inherited permissions, which leads to a privilege escalation vulnerability found in the AirMedia Windows Application, version 4.3.1.39. A low privileged user can initiate a repair of the system and gain a SYSTEM level s...
Crestron Airmedia 4.3.1.39
NA
CVE-2022-34101
A vulnerability exists in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can place a malicious DLL in a certain path to execute code and preform a privilege escalation attack.
Crestron Airmedia 4.3.1.39
NA
CVE-2022-34102
Insufficient access control vulnerability exists in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can pause the uninstallation of an executable to gain a SYSTEM level command prompt.
Crestron Airmedia 4.3.1.39
NA
CVE-2022-34100
A vulnerability exists in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a low-privileged user can gain a SYSTEM level command prompt by pre-staging a file structure prior to the installation of a trusted service executable and change permissions on that fi...
Crestron Airmedia 4.3.1.39
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4