2 matches found
Command injection
The Crestron Console service running on DGE-100, DM-DGE-200-C, and TS-1542-C devices with default configuration and running firmware versions 1.3384.00049.001 and lower are vulnerable to command injection that can be used to gain root-level access...
CVE-2018-5553
The connected advisories confirm CVE-2018-5553 affects Crestron Console services on DGE-100, DM-DGE-200-C, and TS-1542-C devices. The flaw enables remote command injection via the PING command due to improper input validation, allowing code execution with root privileges. Exploitation requires no...