Users should update their DGE-100 devices to the latest firmware version available here. DGE-100 devices running firmware versions 1.3384.00049.001 and lower with default configuration are vulnerable to CVE-2018-5553.ĬVE-2018-5553 is categorized as CWE-78 (Improper Neutralization of Special Elements used in an OS Command), and has a base CVSSv3 score of 9.8 (Critical). Due to a lack of input sanitization, this service is vulnerable to command injection that can be used to gain root-level access. This post describes CVE-2018-5553, a vulnerability in the Crestron Console service that is preinstalled on the DGE-100.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |