Vulnerabilities > Crestron > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-30 | CVE-2019-3931 | Argument Injection or Modification vulnerability in Crestron Am-100 Firmware and Am-101 Firmware Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to argumention injection to the curl binary via crafted HTTP requests to return.cgi. | 8.8 |
| 2018-08-10 | CVE-2018-13341 | Unspecified vulnerability in Crestron MC3 Firmware and Tsw-X60 Firmware Crestron TSW-X60 all versions prior to 2.001.0037.001 and MC3 all versions prior to 1.502.0047.00, The passwords for special sudo accounts may be calculated using information accessible to those with regular user privileges. | 8.8 |
| 2018-07-11 | CVE-2017-16709 | Unspecified vulnerability in Crestron Airmedia Am-100 Firmware and Airmedia Am-101 Firmware Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware before 2.7.0 allows remote authenticated administrators to execute arbitrary code via unspecified vectors. | 7.2 |
| 2016-08-03 | CVE-2016-5671 | Cross-Site Request Forgery (CSRF) vulnerability in Crestron Dm-Txrx-100-Str Firmware 1.2866.00026 Multiple cross-site request forgery (CSRF) vulnerabilities on Crestron Electronics DM-TXRX-100-STR devices with firmware through 1.3039.00040 allow remote attackers to hijack the authentication of arbitrary users. | 8.8 |
| 2016-08-03 | CVE-2016-5639 | Path Traversal vulnerability in Crestron Airmedia Am-100 Firmware 1.2.1/1.4.0.12 Directory traversal vulnerability in cgi-bin/login.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to read arbitrary files via a .. | 7.5 |