CyberSec.Space Logo
Back to CVE Browser

CVE-2016-5666

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1480%
EPSS Percentile3.32th
PublishedAug 3, 2016
Last ModifiedMay 6, 2026

Vulnerability Description

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which allows remote attackers to obtain access by setting the value of objresp.authenabled to 1.

Affected Platforms (CPE)

πŸ’»
Crestron

Dm Txrx 100 Str Firmware

= 1.2866.00026

References & Advisories

πŸ”— http://www.kb.cert.org/vuls/id/974424
πŸ”— http://www.securityfocus.com/bid/92211
πŸ”— http://www.kb.cert.org/vuls/id/974424
πŸ”— http://www.securityfocus.com/bid/92211

Related Vulnerabilities

CVE-2016-56679.8

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication via...

CVE-2016-56689.8

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication and...

CVE-2016-56699.8

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 use a hardcoded 0xb9eed4d955a59eb3 X.509 certificat...

CVE-2016-56709.8

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 have a hardcoded password of admin for the admin ac...