CVE Vulnerability
CVE-2020-16839
On Crestron DM-NVX-DIR, DM-NVX-DIR80, and DM-NVX-ENT devices before the DM-XIO/1-0-3-802 patch, the password can be changed by sending an unauthenticated WebSocket request.
References
| Link | Resource |
|---|---|
| https://www.crestron.com/Software-Firmware/Firmware/DigitalMedia/DM-XIO/1-0-3-802 | Permissions Required |
| https://support.crestron.com | Vendor Advisory |
| https://www.security.crestron.com | Broken Link |
| https://www.crestron.com/Security/Security-at-Crestron | Vendor Advisory |
Configurations
Configuration 1
|
|
Information
Published : 2021-07-30 02:15
Updated : 2022-07-12 05:42
NVD link : CVE-2020-16839
Mitre link : CVE-2020-16839
Products Affected
No products.
CWE