Products

    Pages

        AM-100_AM-101

        Important: By downloading any software or firmware from Crestron's website or FTP servers you have read and agree to the Terms of the Licenses

        Version: AM-100 1.7.0 / AM-101 2.8.0 I Agree to The Terms of the License, Download Now
        Last Modified: 5/9/2019 2:36:44 PM Release Notes


        Change Log:

        Known Issues
        • HTTPS uses a self-signed certificate. Many web browsers will show a warning when connecting to the administration and moderation pages. It is safe to disregard this error; the information is still encrypted.
        • Using multiple interfaces (for example SIMPL programming and the web pages) at the same time may cause data to become out of sync. Please only use a single interface at a time.
        • If the update web page is closed during a firmware update, attempting to reconnect to the device will fail. Please wait for the update to complete before attempting to reconnect to the device. The LED on the front of the device will turn green after the firmware update indicating that it is ready for connections.
        • Device mirroring does not work within the YouTube® Application
        • Random code does not update properly on OSD when ‘Reset_Connections’ is triggered through the SIMPL Windows interface
        • When connecting to Crestron Fusion, the Fusion ID can be set to a non-allowable value. A user should only use IPID 02 when connecting to Crestron Fusion.
        • A vulnerability still exists via return.cgi as part of CVE-2019-3930, however authentication is required to access so in the meanwhile a strong admin password is recommended.
        Fixed Issues
        • Fixed an issue where the SNMP Manager is not Saved/Updated with the value provided in Text Box. SNMP Traps are not being generated as a result.
        • Fixed an issue where the Windows AirMedia sender application is stuck when a user changes screen positions multiple times on the AM-100/101 and presses Stop (requires use of new Windows application. See below)
        • Fixed an issue where a "$" character in Web UI Password which would result in not being able to login again and requiring restore.
        • Fixed an issue where SNMP displays Model number opposed to Host Name
        • Fixed an issue with AirMedia mouse cursor alignment issues (cursor seen on wireless presentation is in a different location than on the client device)
        • Fixed an issue where the AM-100/101 Resetting to Factory Default Settings as result of security scans
        • Fixed an issue where the AM-101 reboots after 10 to 15 connections and use of moderator mode
        • Fixed an issue where when attempting to airplay a Mac computer (or other Apple device) to an AM-101, the image will freeze and the AM-101 would require a reboot to recover.
        • Firmware now includes latest Windows and Mac OS AirMedia applications (Windows 3.5.1.127, Mac OS 3.1.12)
        • Resolved Security Vulnerability
          • Unauthenticated Remote OS Command Injection via file_transfer.cgi and Unauthenticated Remote Stack Buffer Overflow via file_transfer.cgi (CVE-2019-3929, CVE-2019-3930)
          • Cross-Site Scripting (CVE-2017-16710)
          • Remote Code Execution Vulnerabilities (CVE-2017-16709)
          • Remote Command Execution (Web) - (CVE-2017-16709)
          • Other Cross-Site Scripting issues – (CVE-2017-16709)
          • Stored Cross-Site Scripting (CVE-2017-16710)
          • PIN sent insecurely over connection and Insecure Transport of PIN
          • Hardcoded FTP Credentials
          • Information leakage issue using login.cgi hidden variables
          • A segmentation fault vulnerability (related to lightttd web server)


        Associated Models: