Directory traversal vulnerability in cgi-bin/rftest.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to execute arbitrary commands via a … (dot dot) in the ATE_COMMAND parameter.
CPE | Name | Operator | Version |
---|---|---|---|
airmedia_am-100_firmware | le | 1.2.1 |