65 matches found
Sealevel Systems SeaConnect 370W File Writing Vulnerability
Sealevel Systems SeaConnect 370W is an Industrial Internet of Things Iiot edge device from Sealevel Systems, Inc. The Sealevel Systems SeaConnect 370W is vulnerable to a file-write vulnerability, which stems from the fact that the product's OTA update task feature does not effectively restrict...
Sealevel Systems SeaConnect 370W Buffer Overflow Vulnerability (CNVD-2022-10700)
Sealevel Systems SeaConnect 370W is an Industrial Internet of Things Iiot edge device from Sealevel Systems, Inc. A buffer overflow vulnerability exists in Sealevel Systems SeaConnect 370W, which stems from the product's OTA Update u-download feature that does not effectively limit memory...
CVE-2021-21962
A heap-based buffer overflow vulnerability exists in the OTA Update u-download functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A series of specially-crafted MQTT payloads can lead to remote code execution. An attacker must perform a man-in-the-middle attack in order to trigger th...
CVE-2021-21968
A file write vulnerability exists in the OTA update task functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to arbitrary file overwrite. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...
CVE-2021-21962
A heap-based buffer overflow vulnerability exists in the OTA Update u-download functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A series of specially-crafted MQTT payloads can lead to remote code execution. An attacker must perform a man-in-the-middle attack in order to trigger th...
Heap overflow
A heap-based buffer overflow vulnerability exists in the OTA Update u-download functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A series of specially-crafted MQTT payloads can lead to remote code execution. An attacker must perform a man-in-the-middle attack in order to trigger th...
Arbitrary file deletion
A file write vulnerability exists in the OTA update task functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to arbitrary file overwrite. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...
CVE-2021-21962
The provided connected documents confirm a heap-based buffer overflow in SeaConnect 370W (v1.3.34) OTA Update u-download, triggered by specially crafted MQTT payloads over a MITM position. The root cause involves the ParseToDownloadMessage path where unescape allocates a small heap buffer and une...
CVE-2021-21962
A heap-based buffer overflow vulnerability exists in the OTA Update u-download functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A series of specially-crafted MQTT payloads can lead to remote code execution. An attacker must perform a man-in-the-middle attack in order to trigger th...
CVE-2021-21962
A heap-based buffer overflow vulnerability exists in the OTA Update u-download functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A series of specially-crafted MQTT payloads can lead to remote code execution. An attacker must perform a man-in-the-middle attack in order to trigger th...
CVE-2021-21968
CVE-2021-21968 affects Sealevel Systems SeaConnect 370W v1.3.34. The OTA update task allows a specially crafted MQTT payload to overwrite arbitrary files due to improper input validation in the OTA download logic (notably the dest field can create/open any file). This can enable a MITM attacker t...
Sealevel Systems, Inc. SeaConnect 370W OTA Update "u-download" heap-based buffer overflow vulnerability
Summary A heap-based buffer overflow vulnerability exists in the OTA Update u-download functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A series of specially-crafted MQTT payloads can lead to remote code execution. An attacker must perform a man-in-the-middle attack in order to...
Sealevel Systems SeaConnect 370W 安全漏洞
Sealevel Systems SeaConnect 370W is an Industrial Internet of Things Iiot edge device from Sealevel Systems, Inc. The Sealevel Systems SeaConnect 370W is vulnerable to a file-write vulnerability, which stems from the fact that the product's OTA update task feature does not effectively restrict...
Sealevel Systems SeaConnect 370W 缓冲区错误漏洞
Sealevel Systems SeaConnect 370W is an Industrial Internet of Things Iiot edge device from Sealevel Systems, Inc. It is used to remotely monitor and control the status of actual I/O processes. A buffer error vulnerability exists in the Sealevel Systems SeaConnect 370W, which stems from the...
GHSA-48MJ-P7X2-5JFM Basic auth bypass in esphome
Impact Anyone with webserver enabled and HTTP basic auth configured on 2021.9.1 or older webserver allows OTA update without checking user defined basic auth username & password Patches Patch released in 2021.9.2 Workarounds Disable/remove webserver...
Basic auth bypass in esphome
Impact Anyone with webserver enabled and HTTP basic auth configured on 2021.9.1 or older webserver allows OTA update without checking user defined basic auth username & password Patches Patch released in 2021.9.2 Workarounds Disable/remove webserver...
CVE-2021-41104 web_server allows OTA update without checking user defined basic auth username & password
ESPHome is a system to control the ESP8266/ESP32. Anyone with webserver enabled and HTTP basic auth configured on version 2021.9.1 or older is vulnerable to an issue in which webserver allows over-the-air OTA updates without checking user defined basic auth username & password. This issue is...
Vehicle Telematics Security; getting it right
We spend a LOT of time looking at vehicle telematics security, sometimes on client projects but mostly doing vanilla research on telematics components that we’ve bought ourselves, or investigating our own vehicles. We have a pile of vehicle TCUs here that’s several feet high, plus a couple of...
CVE-2016-6564
Android devices with code from Ragentek contain a privileged binary that performs over-the-air OTA update checks. Additionally, there are multiple techniques used to hide the execution of this binary. This behavior could be described as a rootkit. This binary, which resides as /system/bin/debugs,...
CVE-2016-6564 Ragentek Android software contains an over-the-air update mechanism that communicates over an unencrypted channel, which can allow a remote attacker to execute arbitrary code with root privileges
Android devices with code from Ragentek contain a privileged binary that performs over-the-air OTA update checks. Additionally, there are multiple techniques used to hide the execution of this binary. This behavior could be described as a rootkit. This binary, which resides as /system/bin/debugs,...