CVE-2018-9162

Contec Smart Home 4.15 devices do not require authentication for newuser.php, edituser.php, deleteuser.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors...

EUVD-2018-20759

Malware in sbrugna...

Contec Smart Home Unauthorized Password Reset Vulnerability

Contec Smart Home is a smart home management system for managing connected smart home devices. A security vulnerability exists in Contec Smart Home version 4.15, which stems from the program failing to require authentication for the newuser.php, edituser.php, deleteuser.php, and user.php files. A...

Contec Smart Home Authentication Bypass Vulnerability

Contec Smart Home 4.15 devices do not require authentication for newuser.php, edituser.php, deleteuser.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from ...

Contec Smart Home Detection

Detection of Contec Smart Home. The script sends a connection request to the server and attempts to detect Contec Smart Home and to extract its version. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

CVE-2018-9162

Contec Smart Home 4.15 devices do not require authentication for newuser.php, edituser.php, deleteuser.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors...

CVE-2018-9162

Contec Smart Home 4.15 devices do not require authentication for newuser.php, edituser.php, deleteuser.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors...

CVE-2018-9162

Contec Smart Home 4.15 devices do not require authentication for newuser.php, edituser.php, deleteuser.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors...

Design/Logic Flaw

Contec Smart Home 4.15 devices do not require authentication for newuser.php, edituser.php, deleteuser.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors...

CVE-2018-9162

Contec Smart Home 4.15 devices are affected by an authentication bypass in the web interfaces (new_user.php, edit_user.php, delete_user.php, and user.php). The root issue is that these endpoints do not require authentication, allowing an attacker to change the administrator password and gain cont...

CVE-2018-9162

Contec Smart Home 4.15 devices do not require authentication for newuser.php, edituser.php, deleteuser.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors...

Contec Smart Home 4.15 - Unauthorized Password Reset Vulnerability

Exploit for hardware platform in category web applications Title : Contec smart home 4.15 Unauthorized Password Reset Shodan Dork : "content/smarthome.php" Vendor Homepage : http://contec.co.il Tested on : Google Chrome Tested version : 4.15 Date : 2018-03-14 Author : Z3ro0ne Contact :...

Contec Smart Home 4.15 - Unauthorized Password Reset

Contec Smart Home 4.15 - Unauthorized Password Reset Title : Contec smart home 4.15 Unauthorized Password Reset Shodan Dork : "content/smarthome.php" Vendor Homepage : http://contec.co.il Tested on : Google Chrome Tested version : 4.15 Date : 2018-03-14 Author : Z3ro0ne Contact :...

Contec Smart Home 4.15 - Unauthorized Password Reset

Title : Contec smart home 4.15 Unauthorized Password Reset Shodan Dork : "content/smarthome.php" Vendor Homepage : http://contec.co.il Tested on : Google Chrome Tested version : 4.15 Date : 2018-03-14 Author : Z3ro0ne Contact : [email protected] Facebook Page : https://www.facebook.com/Z3ro0...