CVEブラウザに戻る

CVE-2016-5667

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1150%

EPSS Percentile8.53th

Published2016年8月3日

Last Modified2026年5月6日

Vulnerability Description

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication via a direct request to a page other than index.html.

Affected Platforms (CPE)

💻

Crestron

Dm Txrx 100 Str Firmware

= 1.2866.00026

References & Advisories

🔗 http://www.kb.cert.org/vuls/id/974424

🔗 http://www.securityfocus.com/bid/92211

🔗 http://www.kb.cert.org/vuls/id/974424

🔗 http://www.securityfocus.com/bid/92211

関連する脆弱性情報

CVE-2016-56669.8

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which...

CVE-2016-56689.8

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication and...

CVE-2016-56699.8

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 use a hardcoded 0xb9eed4d955a59eb3 X.509 certificat...

CVE-2016-56709.8

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 have a hardcoded password of admin for the admin ac...