25 matches found
EUVD-2019-6312
Malware in sbrugna...
EUVD-2022-33047
Malicious code in bioql PyPI...
CVE-2022-28605
Hardcoded admin token in SoundBar apps in Linkplay SDK 1.00 allows remote attackers to gain admin privilege access in linkplay antifactory...
CVE-2019-15310
An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code execution without user interaction. An attacker could retrieve the AWS key from the firmware and obtain full control over Linkplay's AWS estate, including S3 buckets containing device firmware. When...
CVE-2019-15311
An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is Zolo Halo LAN remote code execution. The Zolo Halo Bluetooth speaker had a GoAhead web server listening on the port 80. The /httpapi.asp endpoint of the GoAhead web server was also vulnerable to multiple command...
CVE-2022-28605
Hardcoded admin token in SoundBar apps in Linkplay SDK 1.00 allows remote attackers to gain admin privilege access in linkplay antifactory...
CVE-2022-28605
Hardcoded admin token in SoundBar apps in Linkplay SDK 1.00 allows remote attackers to gain admin privilege access in linkplay antifactory...
CVE-2022-28605
Hardcoded admin token in SoundBar apps in Linkplay SDK 1.00 allows remote attackers to gain admin privilege access in linkplay antifactory...
Hardcoded credentials
Hardcoded admin token in SoundBar apps in Linkplay SDK 1.00 allows remote attackers to gain admin privilege access in linkplay antifactory...
LinkPlay Sound Bar 信任管理问题漏洞
LinkPlay Sound Bar is a speaker from LinkPlay USA. A trust management issue vulnerability exists in LinkPlay Sound Bar v1.0. An attacker could exploit this vulnerability to elevate privileges via a hard-coded password via an SSL certificate...
CVE-2022-28605
Hardcoded admin token in SoundBar apps in Linkplay SDK 1.00 allows remote attackers to gain admin privilege access in linkplay antifactory...
CVE-2022-28605
The CVE-2022-28605 entry concerns Linkplay SDK 1.00, specifically in SoundBar apps, where a hardcoded admin token enables remote attackers to gain admin privileges in the Linkplay antifactory. The vulnerability stems from a hardcoded credential in the SoundBar app integration with the Linkplay SD...
PT-2022-19099 · Linkplay · Linkplay Sdk
Name of the Vulnerable Software and Affected Versions: Linkplay SDK version 1.00 Description: The issue concerns a hardcoded admin token in SoundBar apps using the Linkplay SDK, allowing remote attackers to gain admin privilege access. Recommendations: For Linkplay SDK version 1.00, consider...
Unspecified vulnerability in Linkplay firmware
The Anker Zolo Halo is a smart speaker from Anker Philippines. A security vulnerability exists in the Linkplay firmware. An attacker can exploit the vulnerability to execute code...
Unspecified vulnerability in Linkplay firmware
The Anker Zolo Halo is a smart speaker from Anker Philippines. A security vulnerability exists in the Linkplay firmware. An attacker can exploit the vulnerability to execute code...
Unspecified vulnerability in Linkplay firmware
The Anker Zolo Halo is a smart speaker from Anker Philippines. A security vulnerability exists in the Linkplay firmware. An attacker can exploit the vulnerability to execute code...
CVE-2019-15312
An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is a Zolo Halo DNS rebinding attack. The device was found to be vulnerable to DNS rebinding. Combined with one of the many /httpapi.asp endpoint command-execution security issues, the DNS rebinding attack could allow an...
CVE-2019-15310
An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code execution without user interaction. An attacker could retrieve the AWS key from the firmware and obtain full control over Linkplay's AWS estate, including S3 buckets containing device firmware. When...
Command injection
An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is Zolo Halo LAN remote code execution. The Zolo Halo Bluetooth speaker had a GoAhead web server listening on the port 80. The /httpapi.asp endpoint of the GoAhead web server was also vulnerable to multiple command...
Command injection
An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code execution without user interaction. An attacker could retrieve the AWS key from the firmware and obtain full control over Linkplay's AWS estate, including S3 buckets containing device firmware. When...