Crestron DGE-100 Continuous Name Change Denial of Service

Binary data 720268.prm...

Command injection

The Crestron Console service running on DGE-100, DM-DGE-200-C, and TS-1542-C devices with default configuration and running firmware versions 1.3384.00049.001 and lower are vulnerable to command injection that can be used to gain root-level access...

CVE-2018-5553

The connected advisories confirm CVE-2018-5553 affects Crestron Console services on DGE-100, DM-DGE-200-C, and TS-1542-C devices. The flaw enables remote command injection via the PING command due to improper input validation, allowing code execution with root privileges. Exploitation requires no...

CVE-2018-5553 Crestron DGE-100 Console Command Injection (FIXED)

The Crestron Console service running on DGE-100, DM-DGE-200-C, and TS-1542-C devices with default configuration and running firmware versions 1.3384.00049.001 and lower are vulnerable to command injection that can be used to gain root-level access...