ID

VAR-201608-0079


CVE

CVE-2016-5666


TITLE

Crestron Electronics DM-TXRX-100-STR web interface contains multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#974424

DESCRIPTION

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which allows remote attackers to obtain access by setting the value of objresp.authenabled to 1.

Crestron Electronics DM-TXRX-100-STR, version 1.2866.00026 and earlier, has a web management interface which contains multiple vulnerabilities, including authentication bypass, failure to restrict access to authorized users, use of a hard-coded certificate, default credentials, and cross-site request forgery (CSRF). These vulnerabilities may be leveraged to gain complete control of affected devices.

Supplementary information: the CWE vulnerability type has been identified as CWE-603: Use of Client-Side Authentication (http://cwe.mitre.org/data/definitions/603.html). A third party may obtain access rights by setting the value of objresp.authenabled to 1.

Crestron Electronics DM-TXRX-100-STR is prone to the following multiple security vulnerabilities:
1. Multiple authentication-bypass vulnerabilities
2. Multiple security-bypass vulnerabilities
3. A cross-site request-forgery vulnerability
An attacker can exploit these issues to bypass certain security restrictions, perform certain unauthorized actions, bypass the authentication mechanism and compromise the application; this may aid in further attacks. Crestron Electronics DM-TXRX-100-STR, version 1.2866.00026 and prior versions, are vulnerable.

Crestron Electronics DM-TXRX-100-STR is a stream encoder/decoder product from Crestron Electronics, USA.

Trust: 2.7

sources: NVD: CVE-2016-5666 // CERT/CC: VU#974424 // JVNDB: JVNDB-2016-004127 // BID: 92211 // VULHUB: VHN-94485

AFFECTED PRODUCTS

vendor: crestron // model: dm-txrx-100-str // scope: eq // version: 1.2866.00026

Trust: 1.6

vendor: crestron // model: - // scope: - // version: -

Trust: 0.8

vendor: crestron // model: dm-txrx-100-str // scope: - // version: -

Trust: 0.8

vendor: crestron // model: dm-txrx-100-str // scope: lt // version: 1.3039.00040

Trust: 0.8

vendor: crestron // model: electronics dm-txrx-100-str // scope: eq // version: 1.2866.00026

Trust: 0.3

vendor: crestron // model: electronics dm-txrx-100-str // scope: ne // version: 1.3039.00040

Trust: 0.3

sources: CERT/CC: VU#974424 // BID: 92211 // JVNDB: JVNDB-2016-004127 // CNNVD: CNNVD-201608-003 // NVD: CVE-2016-5666

CVSS

SEVERITY

nvd@nist.gov: CVE-2016-5666
value: CRITICAL

Trust: 1.0

NVD: CVE-2016-5666
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201608-003
value: MEDIUM

Trust: 0.6

VULHUB: VHN-94485
value: MEDIUM

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2016-5666
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-94485
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

CVSSV3

nvd@nist.gov: CVE-2016-5666
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-94485 // JVNDB: JVNDB-2016-004127 // CNNVD: CNNVD-201608-003 // NVD: CVE-2016-5666

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2016-004127 // NVD: CVE-2016-5666

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201608-003

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201608-003

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-004127

PATCH

title: DM-TXRX-100-STR // url: https://www.crestron.com/downloads/pdf/spec_sheets/commercial_and_residential/dm-txrx-100-str.pdf

Trust: 0.8

title: Resource Library // url: http://www.crestron.com/resources/resource-library/firmware

Trust: 0.8

title: Crestron Electronics DM-TXRX-100-STR Security vulnerabilities // url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63404

Trust: 0.6

sources: JVNDB: JVNDB-2016-004127 // CNNVD: CNNVD-201608-003

EXTERNAL IDS

db: CERT/CC // id: VU#974424

Trust: 3.6

db: NVD // id: CVE-2016-5666

Trust: 2.8

db: BID // id: 92211

Trust: 1.4

db: JVN // id: JVNVU93291811

Trust: 0.8

db: JVNDB // id: JVNDB-2016-004127

Trust: 0.8

db: CNNVD // id: CNNVD-201608-003

Trust: 0.7

db: VULHUB // id: VHN-94485

Trust: 0.1

sources: CERT/CC: VU#974424 // VULHUB: VHN-94485 // BID: 92211 // JVNDB: JVNDB-2016-004127 // CNNVD: CNNVD-201608-003 // NVD: CVE-2016-5666

REFERENCES

url:http://www.kb.cert.org/vuls/id/974424

Trust: 2.8

url:https://www.crestron.com/downloads/pdf/spec_sheets/commercial_and_residential/dm-txrx-100-str.pdf

Trust: 1.1

url:http://www.securityfocus.com/bid/92211

Trust: 1.1

url:https://cwe.mitre.org/data/definitions/603.html

Trust: 0.8

url:http://cwe.mitre.org/data/definitions/425.html

Trust: 0.8

url:https://cwe.mitre.org/data/definitions/306.html

Trust: 0.8

url:https://cwe.mitre.org/data/definitions/321.html

Trust: 0.8

url:https://cwe.mitre.org/data/definitions/255.html

Trust: 0.8

url:https://cwe.mitre.org/data/definitions/352.html

Trust: 0.8

url:https://www.crestron.com/resources/resource-library/firmware

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5666

Trust: 0.8

url:http://jvn.jp/vu/jvnvu93291811/

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5666

Trust: 0.8

url:http://www.kb.cert.org/vuls/id/bluu-a9cmty

Trust: 0.8

sources: CERT/CC: VU#974424 // VULHUB: VHN-94485 // BID: 92211 // JVNDB: JVNDB-2016-004127 // CNNVD: CNNVD-201608-003 // NVD: CVE-2016-5666

CREDITS

Carsten Eiram of Risk Based Security

Trust: 0.6

sources: CNNVD: CNNVD-201608-003

SOURCES

db: CERT/CC // id: VU#974424
db: VULHUB // id: VHN-94485
db: BID // id: 92211
db: JVNDB // id: JVNDB-2016-004127
db: CNNVD // id: CNNVD-201608-003
db: NVD // id: CVE-2016-5666

LAST UPDATE DATE

2025-04-13T23:21:06.859000+00:00


SOURCES UPDATE DATE

db: CERT/CC // id: VU#974424 // date: 2016-08-01T00:00:00
db: VULHUB // id: VHN-94485 // date: 2016-08-15T00:00:00
db: BID // id: 92211 // date: 2016-08-01T00:00:00
db: JVNDB // id: JVNDB-2016-004127 // date: 2016-08-04T00:00:00
db: CNNVD // id: CNNVD-201608-003 // date: 2016-08-04T00:00:00
db: NVD // id: CVE-2016-5666 // date: 2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db: CERT/CC // id: VU#974424 // date: 2016-08-01T00:00:00
db: VULHUB // id: VHN-94485 // date: 2016-08-03T00:00:00
db: BID // id: 92211 // date: 2016-08-01T00:00:00
db: JVNDB // id: JVNDB-2016-004127 // date: 2016-08-04T00:00:00
db: CNNVD // id: CNNVD-201608-003 // date: 2016-08-04T00:00:00
db: NVD // id: CVE-2016-5666 // date: 2016-08-03T01:59:03.740