CVE-2016-5668

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0720%

EPSS Percentile39.68th

Published2016年8月3日

Last Modified2026年5月6日

Vulnerability Description

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication and change settings via a JSON API call.

Affected Platforms (CPE)

💻

Crestron

Dm Txrx 100 Str Firmware

= 1.2866.00026

References & Advisories

🔗 http://www.kb.cert.org/vuls/id/974424

🔗 http://www.securityfocus.com/bid/92211

🔗 http://www.kb.cert.org/vuls/id/974424

🔗 http://www.securityfocus.com/bid/92211

関連する脆弱性情報

CVE-2016-56669.8

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which...

CVE-2016-56679.8

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication via...

CVE-2016-56699.8

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 use a hardcoded 0xb9eed4d955a59eb3 X.509 certificat...

CVE-2016-56709.8

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 have a hardcoded password of admin for the admin ac...