Vulnerabilities > Crestron > Airmedia AM 100

DATE CVE VULNERABILITY TITLE RISK
2019-01-18 CVE-2019-3910 Unspecified vulnerability in Crestron Airmedia Am-100 Firmware
Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface's return.cgi script.
network
low complexity
crestron
8.5
2018-07-11 CVE-2017-16710 Cross-site Scripting vulnerability in Crestron Airmedia Am-100 Firmware and Airmedia Am-101 Firmware
Cross-site scripting (XSS) vulnerability in Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
crestron CWE-79
3.5
2018-07-11 CVE-2017-16709 Unspecified vulnerability in Crestron Airmedia Am-100 Firmware and Airmedia Am-101 Firmware
Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware before 2.7.0 allows remote authenticated administrators to execute arbitrary code via unspecified vectors.
network
low complexity
crestron
6.5
2016-08-03 CVE-2016-5640 Command Injection vulnerability in Crestron Airmedia Am-100 Firmware
Directory traversal vulnerability in cgi-bin/rftest.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to execute arbitrary commands via a ..
network
low complexity
crestron CWE-77
critical
10.0
2016-08-03 CVE-2016-5639 Path Traversal vulnerability in Crestron Airmedia Am-100 Firmware
Directory traversal vulnerability in cgi-bin/login.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to read arbitrary files via a ..
network
low complexity
crestron CWE-22
5.0