Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Airmedia Am-100 Firmware Security Vulnerabilities - CVSS Score 9 - 10

cve
cve

CVE-2016-5640

Directory traversal vulnerability in cgi-bin/rftest.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to execute arbitrary commands via a .. (dot dot) in the ATE_COMMAND parameter.

9.8CVSS

9.7AI Score

0.005EPSS

2016-08-03 01:59 AM
22
cve
cve

CVE-2019-3910

Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface's return.cgi script. Unauthenticated remote users can use the bypass to access some administrator functionality such as configuring update sources and rebooting the device.

9.1CVSS

9.3AI Score

0.003EPSS

2019-01-18 06:29 PM
22