Crestron Multiple Products CTP Console LAUNCH Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Crestron Crestron's WindowCE-based products. Authentication is required to exploit this vulnerability. The specific flaw exists within the engineer built-in account that enables a hidden 'LAUNC...