The Crestron Console service running on DGE-100, DM-DGE-200-C, and TS-1542-C devices with default configuration and running firmware versions 1.3384.00049.001 and lower are vulnerable to command injection that can be used to gain root-level access.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
crestron dge-100_firmware |
||
crestron dm-dge-200-c_firmware |
||
crestron ts-1542-c_firmware |