CVE-2016-5666
 
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which allows remote attackers to obtain access by setting the value of objresp.authenabled to 1.
Dispositivos Crestron Electronics DM-TXRX-100-STR con firmware en versiones anteriores a 1.3039.00040 confía en el cliente para realizar la autenticación, lo que permite a atacantes remotos obtener acceso estableciendo el valor de objresp.authenabled a 1.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-06-16 CVE Reserved
- 2016-08-03 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
http://www.kb.cert.org/vuls/id/974424 | Third Party Advisory | |
http://www.securityfocus.com/bid/92211 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Crestron Search vendor "Crestron" | Dm-txrx-100-str Firmware Search vendor "Crestron" for product "Dm-txrx-100-str Firmware" | 1.2866.00026 Search vendor "Crestron" for product "Dm-txrx-100-str Firmware" and version "1.2866.00026" | - |
Affected
| in | Crestron Search vendor "Crestron" | Dm-txrx-100-str Search vendor "Crestron" for product "Dm-txrx-100-str" | - | - |
Safe
|