CVE-2016-5666

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which allows remote attackers to obtain access by setting the value of objresp.authenabled to 1.
References
Link Resource
http://www.kb.cert.org/vuls/id/974424 Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/92211 Third Party Advisory VDB Entry
http://www.kb.cert.org/vuls/id/974424 Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/92211 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:crestron:dm-txrx-100-str_firmware:1.2866.00026:*:*:*:*:*:*:*
cpe:2.3:h:crestron:dm-txrx-100-str:-:*:*:*:*:*:*:*

History

21 Nov 2024, 02:54

Type Values Removed Values Added
References () http://www.kb.cert.org/vuls/id/974424 - Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/974424 - Third Party Advisory, US Government Resource
References () http://www.securityfocus.com/bid/92211 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/92211 - Third Party Advisory, VDB Entry

Information

Published : 2016-08-03 01:59

Updated : 2024-11-21 02:54


NVD link : CVE-2016-5666

Mitre link : CVE-2016-5666

CVE.ORG link : CVE-2016-5666


JSON object : View

Products Affected

crestron

  • dm-txrx-100-str
  • dm-txrx-100-str_firmware