25 matches found
EUVD-2018-5288
Malware in sbrugna...
EUVD-2018-2702
Malware in sbrugna...
Crestron Multiple Products CTP Console LAUNCH Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Crestron Crestron's WindowCE-based products. Authentication is required to exploit this vulnerability. The specific flaw exists within the engineer built-in account that enables a hidden 'LAUNC...
Crestron Multiple Products CTP Console REMOVEDIR Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the REMOVEDIR command of the CTP console. The issue results from the...
Crestron Multiple Products CTP Console PING Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PING command of the CTP console. The issue results from the lack...
Crestron Multiple Products CTP Console FGETFILE Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FGETFILE command of the CTP console. The issue results from the...
Crestron Multiple Products CTP Console RESTARTSERVICE Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RESTARTSERVICE command of the CTP console. The issue results fro...
Crestron Multiple Products CTP Console WIFIWEPHEXPASSWORD Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WIFIWEPHEXPASSWORD command of the CTP console. The issue results...
Crestron Multiple Products CTP Console ROUTEADD Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ROUTEADD command of the CTP console. The issue results from the...
Crestron Multiple Products CTP Console ROUTEDELETE Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ROUTEDELETE command of the CTP console. The issue results from t...
Crestron Multiple Products CTP Console WIFISSID Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WIFISSID command of the CTP console. The issue results from the...
Crestron Multiple Products CTP Console ISDIR Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ISDIR command of the CTP console. The issue results from the lac...
Crestron Multiple Products CTP Console UPDATEPASSWORD Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is required to exploit this vulnerability. The specific flaw exists within the UPDATEPASSWORD command of the CTP console. The issue results from th...
Crestron Multiple Products CTP Console FPUTFILE Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FPUTFILE command of the CTP console. The issue results from the...
Crestron Multiple Products CTP Console DELETE Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DELETE command of the CTP console. The issue results from the la...
Crestron Multiple Products CTP Console UDIR Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UDIR command of the CTP console. The issue results from the lack...
Crestron Multiple Products CTP Console MAKEDIR Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MAKEDIR command of the CTP console. The issue results from the...
Crestron Multiple Products CTP Console WIFIWEPPASSWORD Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WIFIWEPPASSWORD command of the CTP console. The issue results fr...
Crestron Multiple Products CTP Console ADDUSER Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is required to exploit this vulnerability. The specific flaw exists within the ADDUSER command of the CTP console. The issue results from the lack ...
Crestron Multiple Products CTP Console COPYFILE Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the COPYFILE command of the CTP console. The issue results from the...