Lucene search

[email protected]CVE-2022-43704

HistoryJan 20, 2023 - 5:15 p.m.

CVE-2022-43704

2023-01-2017:15:10

CWE-294

[email protected]

web.nvd.nist.gov

sinilink

xy-wft1

wifi

remote thermostat

firmware 1.3.6

mqtt

sinilink521 protocol

udp

relay control

temperature manipulation

nvd

cve-2022-43704

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.9%

JSON

The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol (udp/1024) commands interfacing directly with the target device. This, in turn, allows for an attack to control the onboard relay without requiring authentication via the mobile application. This might result in an unacceptable temperature within the target device’s physical environment.

Affected configurations

NVD

Node

sinilinkxy-wft1Match-

AND

sinilinkxy-wft1_firmwareMatch1.3.6

CPENameOperatorVersion
sinilink:xy-wft1_firmwaresinilink xy-wft1 firmwareeq1.3.6

CPE	Name	Operator	Version
sinilink:xy-wft1_firmware	sinilink xy-wft1 firmware	eq	1.3.6

References

www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2022-43704-capture-replay-vulnerability-in-sinilink-xy-wft1-thermostat/

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.9%

JSON

Related for CVE-2022-43704

nvd1 prion1 cvelist1 githubexploit1