Authentication flaw

2016-08-0301:59:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.6%

JSON

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 allow remote attackers to bypass authentication and change settings via a JSON API call.

CPENameOperatorVersion
dm-txrx-100-str_firmwareeq1.2866.00026

CPE	Name	Operator	Version
	dm-txrx-100-str_firmware	eq	1.2866.00026

References

www.kb.cert.org/vuls/id/974424

www.securityfocus.com/bid/92211