CyberSec.Space Logo
返回 CVE 浏览器

CVE-2016-5669

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0760%
EPSS Percentile25.91th
Published2016年8月3日
Last Modified2026年5月6日

Vulnerability Description

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 use a hardcoded 0xb9eed4d955a59eb3 X.509 certificate from an OpenSSL Test Certification Authority, which makes it easier for remote attackers to conduct man-in-the-middle attacks against HTTPS sessions by leveraging the certificate's trust relationship.

Affected Platforms (CPE)

💻
Crestron

Dm Txrx 100 Str Firmware

= 1.2866.00026

References & Advisories

🔗 http://www.kb.cert.org/vuls/id/974424
🔗 http://www.securityfocus.com/bid/92211
🔗 http://www.kb.cert.org/vuls/id/974424
🔗 http://www.securityfocus.com/bid/92211

相关漏洞威胁

CVE-2016-56669.8

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which...

CVE-2016-56679.8

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication via...

CVE-2016-56689.8

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication and...

CVE-2016-56709.8

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 have a hardcoded password of admin for the admin ac...