Crestron recently addressed a command injection vulnerability in the console service preinstalled on the Digital Graphics Engine 100 (DGE-100) and other hardware controllers made by the company.
http://feedproxy.google.com/~r/Securityweek/~3/OzwHhN1BBro/crestron-patches-command-injection-flaw-dge-100-controller










