Known Vulnerabilities for products from Crestron
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Crestron".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-23178 | An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switc... | 9.8 - CRITICAL | 2022-01-15 | 2023-03-28 |
| CVE-2020-16839 | On Crestron DM-NVX-DIR, DM-NVX-DIR80, and DM-NVX-ENT devices before the DM-XIO/1-0-3-802 patch, the password can be changed b... | 7.5 - HIGH | 2021-07-30 | 2022-07-12 |
| CVE-2019-18184 | Crestron DMC-STRO 1.0 devices allow remote command execution as root via shell metacharacters to the ping function. | 9.8 - CRITICAL | 2019-11-27 | 2022-02-10 |
| CVE-2019-3939 | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials admin/admin and moderator/mode... | 9.8 - CRITICAL | 2019-04-30 | 2022-12-06 |
| CVE-2019-3938 | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, and other configuration o... | 7.8 - HIGH | 2019-04-30 | 2022-12-06 |
| CVE-2019-3937 | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, slideshow passcode, and o... | 7.8 - HIGH | 2019-04-30 | 2020-10-16 |
| CVE-2019-3936 | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 is vulnerable to denial of service via a crafted reque... | 7.5 - HIGH | 2019-04-30 | 2021-11-02 |
| CVE-2019-3935 | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to act as a moderator to a slide show vi... | 9.1 - CRITICAL | 2019-04-30 | 2022-12-06 |
| CVE-2019-3934 | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code sending ... | 5.3 - MEDIUM | 2019-04-30 | 2020-10-16 |
| CVE-2019-3933 | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code simply b... | 5.3 - MEDIUM | 2019-04-30 | 2020-10-16 |
| CVE-2019-3932 | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to authentication bypass due to a hard-... | 9.8 - CRITICAL | 2019-04-30 | 2022-12-06 |
| CVE-2019-3931 | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to argumention injection to the curl bi... | 8.8 - HIGH | 2019-04-30 | 2020-10-16 |
| CVE-2019-3930 | The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco w... | 9.8 - CRITICAL | 2019-04-30 | 2020-10-16 |
| CVE-2019-3929 | The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco w... | 9.8 - CRITICAL | 2019-04-30 | 2020-10-16 |
| CVE-2019-3928 | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allow any user to obtain the presentation passcode via... | 5.3 - MEDIUM | 2019-04-30 | 2022-12-08 |
| CVE-2019-3927 | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 anyone can change the administrator and moderator pass... | 9.8 - CRITICAL | 2019-04-30 | 2020-10-16 |
| CVE-2019-3926 | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to command injection via SNMP OID iso.3... | 9.8 - CRITICAL | 2019-04-30 | 2020-10-16 |
| CVE-2019-3925 | Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to command injection via SNMP OID iso.3... | 9.8 - CRITICAL | 2019-04-30 | 2020-10-16 |
| CVE-2019-3910 | Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface's return.cgi script. U... | 9.1 - CRITICAL | 2019-01-18 | 2020-08-24 |
| CVE-2018-13341 | Crestron TSW-X60 all versions prior to 2.001.0037.001 and MC3 all versions prior to 1.502.0047.00, The passwords for special ... | 8.8 - HIGH | 2018-08-10 | 2019-10-03 |
Known software with vulnerabilities from Crestron
| Type | Vendor | Product | Version |
|---|---|---|---|
| Operating System | Crestron | Mc3 Firmware | 1.502.0047.00 |