Credentials Management Errors

CVE-2016-5670

High

9.8/10

Summary

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 have a hardcoded password of admin for the admin account, which makes it easier for remote attackers to obtain access via the web management interface.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-255 - Credentials Management Errors

Weaknesses in this category are related to the management of credentials.

References

Advisory Timeline

Published Aug 03, 2016

Credentials Management Errors

CVE-2016-5670

Summary

CWE-255 - Credentials Management Errors

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS