CVE-2016-5666

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which allows remote attackers to obtain access by setting the value of objresp.authenabled to 1.
References
Link Resource
http://www.kb.cert.org/vuls/id/974424 Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/92211 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:crestron:dm-txrx-100-str_firmware:1.2866.00026:*:*:*:*:*:*:*
cpe:2.3:h:crestron:dm-txrx-100-str:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2016-08-03 01:59

Updated : 2024-02-28 15:21


NVD link : CVE-2016-5666

Mitre link : CVE-2016-5666

CVE.ORG link : CVE-2016-5666


JSON object : View

Products Affected

crestron

  • dm-txrx-100-str
  • dm-txrx-100-str_firmware