Crestron Airmedia Am-100 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Crestron Airmedia Am-100 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2016-5640 — CVSS 9.8 (critical): Directory traversal vulnerability in cgi-bin/rftest.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote…
CVE-2019-3910 — CVSS 9.1 (critical): Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface's return.cgi script. Unauthenticated…
CVE-2016-5639 — CVSS 7.5 (high): Directory traversal vulnerability in cgi-bin/login.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote…
CVE-2017-16709 — CVSS 7.2 (high): Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware before 2.7.0 allows remote authenticated…
CVE-2017-16710 — CVSS 4.8 (medium): Cross-site scripting (XSS) vulnerability in Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware…