Skip to main content

Airmedia Am 100 Firmware

3 CVEs product

Monthly

CVE-2019-3910 CRITICAL POC Act Now

Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface's return.cgi script. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Airmedia Am 100 Firmware
NVD
CVSS 3.0
9.1
EPSS
8.6%
CVE-2016-5640 CRITICAL Emergency

Directory traversal vulnerability in cgi-bin/rftest.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to execute arbitrary commands via a .. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 52.3% and no vendor patch available.

Path Traversal Command Injection Airmedia Am 100 Firmware
NVD GitHub
CVSS 3.0
9.8
EPSS
52.3%
CVE-2016-5639 HIGH POC THREAT Act Now

Directory traversal vulnerability in cgi-bin/login.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to read arbitrary files via a .. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 47.8%.

Path Traversal Airmedia Am 100 Firmware
NVD GitHub Exploit-DB
CVSS 3.0
7.5
EPSS
47.8%
Threat
4.4
EPSS 9% CVSS 9.1
CRITICAL POC Act Now

Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface's return.cgi script. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Airmedia Am 100 Firmware
NVD
EPSS 52% CVSS 9.8
CRITICAL Emergency

Directory traversal vulnerability in cgi-bin/rftest.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to execute arbitrary commands via a .. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 52.3% and no vendor patch available.

Path Traversal Command Injection Airmedia Am 100 Firmware
NVD GitHub
EPSS 48% 4.4 CVSS 7.5
HIGH POC THREAT Act Now

Directory traversal vulnerability in cgi-bin/login.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to read arbitrary files via a .. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 47.8%.

Path Traversal Airmedia Am 100 Firmware
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy