ID

VAR-201608-0083


CVE

CVE-2016-5670


TITLE

Crestron Electronics DM-TXRX-100-STR web interface contains multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#974424

DESCRIPTION

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 have a hardcoded password of admin for the admin account, which makes it easier for remote attackers to obtain access via the web management interface. Crestron Electronics DM-TXRX-100-STR, version 1.2866.00026 and earlier, has a web management interface that contains multiple vulnerabilities, including authentication bypass, failure to restrict access to authorized users, use of a hard-coded certificate, default credentials, and cross-site request forgery (CSRF). These vulnerabilities may be leveraged to gain complete control of affected devices. Crestron Electronics DM-TXRX-100-STR is prone to the following multiple security vulnerabilities:

1. Multiple authentication-bypass vulnerabilities
2. Multiple security-bypass vulnerabilities
3. A cross-site request-forgery vulnerability

An attacker can exploit these issues to bypass certain security restrictions, perform certain unauthorized actions, bypass the authentication mechanism and compromise the application; this may aid in further attacks. Crestron Electronics DM-TXRX-100-STR, version 1.2866.00026 and prior versions, is vulnerable. Crestron Electronics DM-TXRX-100-STR is a stream encoder/decoder product from Crestron Electronics, USA. A remote attacker can exploit this vulnerability to gain privileges through the web management interface.

Trust: 2.7

sources: NVD: CVE-2016-5670 // CERT/CC: VU#974424 // JVNDB: JVNDB-2016-004131 // BID: 92211 // VULHUB: VHN-94489

AFFECTED PRODUCTS

vendor: crestron, model: dm-txrx-100-str, scope: eq, version: 1.2866.00026

Trust: 1.6

vendor: crestron, model: -, scope: -, version: -

Trust: 0.8

vendor: crestron, model: dm-txrx-100-str, scope: -, version: -

Trust: 0.8

vendor: crestron, model: dm-txrx-100-str, scope: lt, version: 1.3039.00040

Trust: 0.8

vendor: crestron, model: electronics dm-txrx-100-str, scope: eq, version: 1.2866.00026

Trust: 0.3

vendor: crestron, model: electronics dm-txrx-100-str, scope: ne, version: 1.3039.00040

Trust: 0.3

sources: CERT/CC: VU#974424 // BID: 92211 // JVNDB: JVNDB-2016-004131 // CNNVD: CNNVD-201608-007 // NVD: CVE-2016-5670

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-5670
value: CRITICAL

Trust: 1.0

NVD: CVE-2016-5670
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201608-007
value: CRITICAL

Trust: 0.6

VULHUB: VHN-94489
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2016-5670
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-94489
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-5670
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-94489 // JVNDB: JVNDB-2016-004131 // CNNVD: CNNVD-201608-007 // NVD: CVE-2016-5670

PROBLEMTYPE DATA

problemtype: CWE-255

Trust: 1.9

sources: VULHUB: VHN-94489 // JVNDB: JVNDB-2016-004131 // NVD: CVE-2016-5670

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201608-007

TYPE

trust management

Trust: 0.6

sources: CNNVD: CNNVD-201608-007

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-004131

PATCH

title: Resource Library, url: http://www.crestron.com/resources/resource-library/firmware

Trust: 0.8

title: DM-TXRX-100-STR, url: https://www.crestron.com/downloads/pdf/spec_sheets/commercial_and_residential/dm-txrx-100-str.pdf

Trust: 0.8

title: Crestron Electronics DM-TXRX-100-STR Security vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63408

Trust: 0.6

sources: JVNDB: JVNDB-2016-004131 // CNNVD: CNNVD-201608-007

EXTERNAL IDS

db: CERT/CC, id: VU#974424

Trust: 3.6

db: NVD, id: CVE-2016-5670

Trust: 2.8

db: BID, id: 92211

Trust: 1.4

db: JVN, id: JVNVU93291811

Trust: 0.8

db: JVNDB, id: JVNDB-2016-004131

Trust: 0.8

db: CNNVD, id: CNNVD-201608-007

Trust: 0.7

db: VULHUB, id: VHN-94489

Trust: 0.1

sources: CERT/CC: VU#974424 // VULHUB: VHN-94489 // BID: 92211 // JVNDB: JVNDB-2016-004131 // CNNVD: CNNVD-201608-007 // NVD: CVE-2016-5670

REFERENCES

url:http://www.kb.cert.org/vuls/id/974424

Trust: 2.8

url:https://www.crestron.com/downloads/pdf/spec_sheets/commercial_and_residential/dm-txrx-100-str.pdf

Trust: 1.1

url:http://www.securityfocus.com/bid/92211

Trust: 1.1

url:https://cwe.mitre.org/data/definitions/603.html

Trust: 0.8

url:http://cwe.mitre.org/data/definitions/425.html

Trust: 0.8

url:https://cwe.mitre.org/data/definitions/306.html

Trust: 0.8

url:https://cwe.mitre.org/data/definitions/321.html

Trust: 0.8

url:https://cwe.mitre.org/data/definitions/255.html

Trust: 0.8

url:https://cwe.mitre.org/data/definitions/352.html

Trust: 0.8

url:https://www.crestron.com/resources/resource-library/firmware

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5670

Trust: 0.8

url:http://jvn.jp/vu/jvnvu93291811/

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5670

Trust: 0.8

url:http://www.kb.cert.org/vuls/id/bluu-a9cmty

Trust: 0.8

sources: CERT/CC: VU#974424 // VULHUB: VHN-94489 // BID: 92211 // JVNDB: JVNDB-2016-004131 // CNNVD: CNNVD-201608-007 // NVD: CVE-2016-5670

CREDITS

Carsten Eiram of Risk Based Security

Trust: 0.6

sources: CNNVD: CNNVD-201608-007

SOURCES

db: CERT/CC, id: VU#974424
db: VULHUB, id: VHN-94489
db: BID, id: 92211
db: JVNDB, id: JVNDB-2016-004131
db: CNNVD, id: CNNVD-201608-007
db: NVD, id: CVE-2016-5670

LAST UPDATE DATE

2025-04-13T23:21:06.962000+00:00


SOURCES UPDATE DATE

db: CERT/CC, id: VU#974424, date: 2016-08-01T00:00:00
db: VULHUB, id: VHN-94489, date: 2016-08-15T00:00:00
db: BID, id: 92211, date: 2016-08-01T00:00:00
db: JVNDB, id: JVNDB-2016-004131, date: 2016-08-04T00:00:00
db: CNNVD, id: CNNVD-201608-007, date: 2016-08-04T00:00:00
db: NVD, id: CVE-2016-5670, date: 2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db: CERT/CC, id: VU#974424, date: 2016-08-01T00:00:00
db: VULHUB, id: VHN-94489, date: 2016-08-03T00:00:00
db: BID, id: 92211, date: 2016-08-01T00:00:00
db: JVNDB, id: JVNDB-2016-004131, date: 2016-08-04T00:00:00
db: CNNVD, id: CNNVD-201608-007, date: 2016-08-04T00:00:00
db: NVD, id: CVE-2016-5670, date: 2016-08-03T01:59:09.053