PT-2016-6627 · Crestron Electronics · Dm-Txrx-100-Str

Carsten Eiram

Publicado

2016-08-03

Atualizado

2016-08-15

CVE-2016-5670

CVSS v3.1

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Crestron Electronics DM-TXRX-100-STR devices with firmware prior to 1.3039.00040

Description The issue allows remote attackers to obtain access via the web management interface due to a hardcoded password of admin for the admin account.

Recommendations For devices with firmware prior to 1.3039.00040, update the firmware to version 1.3039.00040 or later to change the hardcoded password. As a temporary workaround, consider restricting access to the web management interface until the firmware can be updated.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-255

Identificadores relacionados

CVE-2016-5670

Produtos afetados

Dm-Txrx-100-Str

PT-2016-6627 · Crestron Electronics · Dm-Txrx-100-Str

CVE-2016-5670

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4