CVE-2016-5671

Multiple cross-site request forgery (CSRF) vulnerabilities on Crestron Electronics DM-TXRX-100-STR devices with firmware through 1.3039.00040 allow remote attackers to hijack the authentication of arbitrary users.
References
Link Resource
http://www.kb.cert.org/vuls/id/974424 Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/92211 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:crestron:dm-txrx-100-str_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:crestron:dm-txrx-100-str:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2016-08-03 01:59

Updated : 2024-02-28 15:21


NVD link : CVE-2016-5671

Mitre link : CVE-2016-5671

CVE.ORG link : CVE-2016-5671


JSON object : View

Products Affected

crestron

  • dm-txrx-100-str
  • dm-txrx-100-str_firmware
CWE
CWE-352

Cross-Site Request Forgery (CSRF)