CVE-2018-11229

N/A

Description

Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via command injection in Crestron Toolbox Protocol (CTP).

Details CVE

Score CVSS v3.1N/A

Publie6/8/2018

Derniere modification11/21/2024

Sourcenvd

Observations honeypot0

Produits affectes

crestron:crestron_toolbox_protocol_firmwarecrestron:dmc-strcrestron:tsw-1060crestron:tsw-1060-nccrestron:tsw-560crestron:tsw-560-nccrestron:tsw-760crestron:tsw-760-nc

Faiblesses (CWE)

CWE-78

References

http://www.securityfocus.com/bid/105051(cve@mitre.org)

https://ics-cert.us-cert.gov/advisories/ICSA-18-221-01(cve@mitre.org)

https://support.crestron.com/app/answers/answer_view/a_id/5471/~/the-latest-details-from-crestron-on-security-and-safety-on-the-internet(cve@mitre.org)

http://www.securityfocus.com/bid/105051(af854a3a-2127-422b-91ae-364da2661108)

https://ics-cert.us-cert.gov/advisories/ICSA-18-221-01(af854a3a-2127-422b-91ae-364da2661108)

https://support.crestron.com/app/answers/answer_view/a_id/5471/~/the-latest-details-from-crestron-on-security-and-safety-on-the-internet(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.