QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2019-3926

Back to search

CVE-2019-3926

Published: Apr 30, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to command injection via SNMP OID iso.3.6.1.4.1.3212.100.3.2.14.1. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.

VendorProductVersions

Crestron

Crestron AirMedia

affected
AM-100 firmware 1.6.0.2 and AM-101 firmware 2.7.0.2

Weaknesses (CWE)

CWE-79

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now