N/A

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 use a hardcoded 0xb9eed4d955a59eb3 X.509 certificate from an OpenSSL Test Certification Authority, which makes it easier for remote attackers to conduct man-in-the-middle attacks against HTTPS sessions by leveraging the certificate's trust relationship.

N/A

N/A

Crestron Electronics DM-TXRX-100-STR 安全漏洞

Crestron Electronics DM-TXRX-100-STR是美国Crestron Electronics公司的一款流编码器/解码器产品。 使用1.3039.00040及之前版本固件的Crestron Electronics DM-TXRX-100-STR设备存在安全漏洞，该漏洞源于程序使用来自OpenSSL Test Certification Authority授权的硬编码的X.509证书。攻击者可借助特制的证书利用该漏洞实施中间人攻击，欺骗服务器，获取敏感信息。

N/A

N/A