CVE-2017-16709

Exploitation Summary

EIP tracks 2 public exploits for CVE-2017-16709. PoCs published by Metasploit, including Metasploit module exploits/linux/snmp/awind_snmp_exec.

AI-analyzed exploit summary This Metasploit module exploits a command injection vulnerability in AwindInc and OEM'ed products via SNMP. It injects a payload into the SNMP OID `1.3.6.1.4.1.3212.100.3.2.9.1.0`, which is then executed by triggering a firmware upgrade process.

Description

Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware before 2.7.0 allows remote authenticated administrators to execute arbitrary code via unspecified vectors.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotelinux

https://www.exploit-db.com/exploits/47353

View Code ZIP pw:eip

This Metasploit module exploits a command injection vulnerability in AwindInc and OEM'ed products via SNMP. It injects a payload into the SNMP OID `1.3.6.1.4.1.3212.100.3.2.9.1.0`, which is then executed by triggering a firmware upgrade process.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: AwindInc SNMP Service (Crestron Airmedia AM-100/AM-101, Awind WiPG-1600w/2000d, Barco wePresent 2000, Newline Trucast 2/3)

Auth required

Prerequisites: SNMP read-write community string · Network access to SNMP service

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

rubypocunix

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/snmp/awind_snmp_exec.rb

View Code ZIP pw:eip

This Metasploit module exploits a command injection vulnerability in AwindInc and OEM'ed products via SNMP. It injects a payload into the SNMP OID `1.3.6.1.4.1.3212.100.3.2.9.1.0`, which is then executed when the firmware upgrade process is triggered.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: AwindInc SNMP Service (Crestron Airmedia AM-100/101, Awind WiPG-1600w/2000d, Barco wePresent 2000, Newline Trucast 2/3)

Auth required

Prerequisites: SNMP read-write community string · Network access to the target device

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Vendor Advisory x_refsource_confirm

https://support.crestron.com/app/answers/answer_view/a_id/5471/~/the-latest-details-from-crestron-on-security-and-safety-on-the-internet#CVE-2017-16709

Third Party Advisory x_refsource_misc

https://www.tenable.com/security/research/tra-2019-20

Exploit, Third Party Advisory x_refsource_misc

http://packetstormsecurity.com/files/154362/AwindInc-SNMP-Service-Command-Injection.html

Crestron Airmedia <1.6.0, <2.7.0 - RCE

Exploitation Summary

Description

Exploits (2)

References (3)

Scores

Details