CVE-2016-5666

Published: Aug 3, 2016Modified: May 6, 2026

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which allows remote attackers to obtain access by setting the value of objresp.authenabled to 1.

Affected (1)

Products: Crestron: Dm Txrx 100 Str Firmware

Crestron

1 product

Dm Txrx 100 Str Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Crestron Dm Txrx 100 Str Firmware	Version 1.2866.00026

Running on/with	Platform Versions
Crestron Dm Txrx 100 Str	All versions

References (4)

http://www.kb.cert.org/vuls/id/974424

Source: cret@cert.org

Third Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/92211

Source: cret@cert.org

Third Party AdvisoryVDB Entry

http://www.kb.cert.org/vuls/id/974424

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/92211

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.