Crestron DM-TXRX-100-STR Firmware 1.2866.00026
Approved changes feed: RSS · Atom
cpe:2.3:o:crestron:dm-txrx-100-str_firmware:1.2866.00026:*:*:*:*:*:*:*
part: o version: 1.2866.00026 update: *
| Vendor | Crestron (c3f889c7-b88c-556e-9a5e-f70525099cf1) |
|---|---|
| Product | Dm Txrx 100 Str Firmware (f5de316c-01eb-51eb-980d-c76ca5c75b79) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2016-5670 |
vulnerable | 2026-06-03 14:35:55.536236 |
Details available
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 have a hardcoded password of admin for the admin account, which makes it easier for remote attackers to obtain access via the web management interface.
Published: 2016-08-03T01:00:00.000Z
Updated: 2024-08-06T01:08:00.546Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-5669 |
vulnerable | 2026-06-03 14:35:55.535913 |
Details available
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 use a hardcoded 0xb9eed4d955a59eb3 X.509 certificate from an OpenSSL Test Certification Authority, which makes it easier for remote attackers to conduct man-in-the-middle attacks against HTTPS sessions by leveraging the certificate's trust relationship.
Published: 2016-08-03T01:00:00.000Z
Updated: 2024-08-06T01:08:00.252Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-5668 |
vulnerable | 2026-06-03 14:35:55.535594 |
Details available
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication and change settings via a JSON API call.
Published: 2016-08-03T01:00:00.000Z
Updated: 2024-08-06T01:08:00.685Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-5667 |
vulnerable | 2026-06-03 14:35:55.535243 |
Details available
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication via a direct request to a page other than index.html.
Published: 2016-08-03T01:00:00.000Z
Updated: 2024-08-06T01:08:00.240Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-5666 |
vulnerable | 2026-06-03 14:35:55.534284 |
Details available
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which allows remote attackers to obtain access by setting the value of objresp.authenabled to 1.
Published: 2016-08-03T01:00:00.000Z
Updated: 2024-08-06T01:07:59.908Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.