Lucene search
K

4 matches found

CNVD
CNVD
added 2018/07/13 12:0 a.m.4 views

Crestron AirMedia AM-100 and AM-101 Cross-Site Scripting Vulnerabilities

The Crestron AirMedia AM-100 and AM-101 are both gateway products from Crestron Electronics USA. A cross-site scripting vulnerability exists in the Crestron Airmedia AM-100 using firmware versions prior to 1.6.0 and the AM-101 using firmware versions prior to 2.7.0. A remote attacker can exploit...

4.8CVSS4.9AI score0.00611EPSS
Exploits0References1
CNVD
CNVD
added 2016/08/04 12:0 a.m.27 views

Crestron AirMedia AM-100 cgi-bin/login.cgi Directory Traversal Vulnerability

The Crestron AirMedia AM-100 is a gateway product from Crestron Electronics, USA. A directory traversal vulnerability in the cgi-bin/login.cgi file in the Crestron AirMedia AM-100 device allows remote attackers to submit a special request to read arbitrary files...

7.5CVSS6.9AI score0.20842EPSS
Exploits4References1
OSV
OSV
added 2016/08/03 1:59 a.m.2 views

CVE-2016-5640

Directory traversal vulnerability in cgi-bin/rftest.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to execute arbitrary commands via a .. dot dot in the ATECOMMAND parameter...

9.8CVSS6.1AI score0.17707EPSS
Exploits0References3
CERT
CERT
added 2016/08/01 12:0 a.m.56 views

Crestron AirMedia AM-100 contains multiple vulnerabilities

Overview The Crestron AirMedia AM-100 with firmware prior to version 1.4.0.13 is vulnerable to path traversal and command injection. Description CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' - CVE-2016-5639 A path traversal vulnerability exists in login.cgi...

10CVSS8.4AI score0.20842EPSS
Exploits4References5
Rows per page
Query Builder