CVE-2018-11228

N/A

Descripcion

Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via a Bash shell service in Crestron Toolbox Protocol (CTP).

Detalles CVE

Puntuacion CVSS v3.1N/A

Publicado6/8/2018

Ultima modificacion11/21/2024

Fuentenvd

Avistamientos honeypot0

Productos afectados

crestron:crestron_toolbox_protocol_firmwarecrestron:dmc-strcrestron:tsw-1060crestron:tsw-1060-nccrestron:tsw-560crestron:tsw-560-nccrestron:tsw-760crestron:tsw-760-nc

Debilidades (CWE)

CWE-94

Referencias

http://www.securityfocus.com/bid/105051(cve@mitre.org)

https://ics-cert.us-cert.gov/advisories/ICSA-18-221-01(cve@mitre.org)

https://support.crestron.com/app/answers/answer_view/a_id/5471/~/the-latest-details-from-crestron-on-security-and-safety-on-the-internet(cve@mitre.org)

http://www.securityfocus.com/bid/105051(af854a3a-2127-422b-91ae-364da2661108)

https://ics-cert.us-cert.gov/advisories/ICSA-18-221-01(af854a3a-2127-422b-91ae-364da2661108)

https://support.crestron.com/app/answers/answer_view/a_id/5471/~/the-latest-details-from-crestron-on-security-and-safety-on-the-internet(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.