High severity8.8NVD Advisory· Published Apr 30, 2019· Updated Jun 17, 2026
CVE-2019-3931
CVE-2019-3931
Description
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to argumention injection to the curl binary via crafted HTTP requests to return.cgi. A remote, authenticated attacker can use this vulnerability to upload files to the device and ultimately execute code as root.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Crestron/Crestron AirMediav5Range: AM-100 firmware 1.6.0.2 and AM-101 firmware 2.7.0.2
Patches
Vulnerability mechanics
References
1- www.tenable.com/security/research/tra-2019-20nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.