Authentication Bypass in Crestron Electronics DM-TXRX-100-STR Devices
CVE-2016-5666 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 rely on the client to perform authentication, which allows remote attackers to obtain access by setting the value of objresp.authenabled to 1.
Learn more about our Web Application Penetration Testing UK.