← Zuruck zu CVEs
CVE-2026-7865
N/ABeschreibung
A hidden console command is vulnerable to command injection flaw when control characters are passed to its second argument. A third party researcher Eugene Lim had discovered vulnerability in the way console command passes to a popen function call. Attackers with authenticated access to SSH console of Crestron devices may use to run underlying OS commands.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht5/5/2026
Zuletzt geandert5/5/2026
Quellenvd
Honeypot-Sichtungen0
Schwachen (CWE)
CWE-88
Referenzen
https://www.crestron.com/Software-Firmware/Firmware/Touchpanels/TS-770-TS-1070-TSS-770-TSS-1070-TSW-570/3-003-0015-001(25b0b659-c4b4-483f-aecb-067757d23ef3)
https://www.crestron.com/release_notes/tsw-xx70_3.003.0015.001_release_notes.pdf(25b0b659-c4b4-483f-aecb-067757d23ef3)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.