Vulnerability in Crestron Electronics Touchpanels (X60/x70)

CVE-2026-7865

A hidden console command is vulnerable to command injection flaw when control characters are passed to its second argument.  A third party researcher Eugene Lim had discovered vulnerability in the way console command passes to a popen fun…

EPSS: 0.005 (64.9th percentile) — read the EPSS interpretation.