cvedb.io
CVE-2018-10630
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2018-08-10T19:29:00.240 · Last modified 2026-06-17T01:34:18.933

Summary

For Crestron TSW-X60 version prior to 2.001.0037.001 and MC3 version prior to 1.502.0047.001, The devices are shipped with authentication disabled, and there is no indication to users that they need to take steps to enable it. When compromised, the access to the CTP console is left open.

Affected products

crestron — tsw-x60_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when crestron ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.