Command Injection Vulnerability in Crestron Console Service on DGE-100, DM-DGE-200-C, and TS-1542-C Devices

Command Injection Vulnerability in Crestron Console Service on DGE-100, DM-DGE-200-C, and TS-1542-C Devices

CVE-2018-5553 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The Crestron Console service running on DGE-100, DM-DGE-200-C, and TS-1542-C devices with default configuration and running firmware versions 1.3384.00049.001 and lower are vulnerable to command injection that can be used to gain root-level access.

Learn more about our Web Application Penetration Testing UK.