Unauthenticated Remote Code Execution via Command Injection in Crestron Toolbox Protocol (CTP) on Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC Devices

Unauthenticated Remote Code Execution via Command Injection in Crestron Toolbox Protocol (CTP) on Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC Devices

CVE-2018-11229 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via command injection in Crestron Toolbox Protocol (CTP).

Learn more about our Web Application Penetration Testing UK.