CVE-2016-5666

EPSS 1.25%
Published 03.08.2016 01:59:03
Last modified 12.04.2025 10:46:40
Source cret@cert.org
Teams watchlist Login
Open Login

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which allows remote attackers to obtain access by setting the value of objresp.authenabled to 1.

Affected products Warnungen 0 Metrics 3 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Crestron ≫ Dm-txrx-100-str Firmware Version1.2866.00026

Crestron ≫ Dm-txrx-100-str Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.25%	0.784

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://www.kb.cert.org/vuls/id/974424

Third Party Advisory

US Government Resource

http://www.securityfocus.com/bid/92211

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2016-5666

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-5666

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-5666

EUVD