Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Crestron Subscribe
Filtered by product Am-101

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-3936 1 Crestron 4 Am-100, Am-100 Firmware, Am-101 and 1 more 2021-11-02 5.0 MEDIUM 7.5 HIGH
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 is vulnerable to denial of service via a crafted request to TCP port 389. The request will force the slideshow to transition into a "stopped" state. A remote, unauthenticated attacker can use this vulnerability to stop an active slideshow.
CVE-2019-3931 1 Crestron 4 Am-100, Am-100 Firmware, Am-101 and 1 more 2020-10-16 9.0 HIGH 8.8 HIGH
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to argumention injection to the curl binary via crafted HTTP requests to return.cgi. A remote, authenticated attacker can use this vulnerability to upload files to the device and ultimately execute code as root.
CVE-2019-3937 1 Crestron 4 Am-100, Am-100 Firmware, Am-101 and 1 more 2020-10-16 2.1 LOW 7.8 HIGH
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, slideshow passcode, and other configuration options in cleartext in the file /tmp/scfgdndf. A local attacker can use this vulnerability to recover sensitive data.
CVE-2019-3935 1 Crestron 4 Am-100, Am-100 Firmware, Am-101 and 1 more 2019-10-09 6.4 MEDIUM 7.5 HIGH
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to act as a moderator to a slide show via crafted HTTP POST requests to conference.cgi. A remote, unauthenticated attacker can use this vulnerability to start, stop, and disconnect active slideshows.
CVE-2019-3938 1 Crestron 4 Am-100, Am-100 Firmware, Am-101 and 1 more 2019-10-09 2.1 LOW 7.8 HIGH
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, and other configuration options in the file generated via the "export configuration" feature. The configuration file is encrypted using the awenc binary. The same binary can be used to decrypt any configuration file since all the encryption logic is hard coded. A local attacker can use this vulnerability to gain access to devices username and passwords.