cvedb.io
CVE-2016-5669
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2016-08-03T01:59:07.693 · Last modified 2026-06-17T00:49:50.627

Summary

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 use a hardcoded 0xb9eed4d955a59eb3 X.509 certificate from an OpenSSL Test Certification Authority, which makes it easier for remote attackers to conduct man-in-the-middle attacks against HTTPS sessions by leveraging the certificate's trust relationship.

Affected products

crestron — dm-txrx-100-str_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when crestron ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.