74 matches found
EUVD-2019-6680
Malware in sbrugna...
EUVD-2023-40140
Malicious code in bioql PyPI...
EUVD-2023-40139
Malicious code in bioql PyPI...
EUVD-2023-37920
Malicious code in bioql PyPI...
CVE-2025-8627 Unauthenticated Protocol Commands on TP-Link KP303
The TP-Link KP303 Smartplug can be issued unauthenticated protocol commands that may cause unintended power-off condition and potential information leak. This issue affects TP-Link KP303 US Smartplug: before 1.1.0...
CVE-2023-36161
An issue was discovered in Qubo Smart Plug 10A version HSP02010114SYSTEM-10A, allows attackers to cause a denial of service DoS via Wi-Fi deauthentication...
CVE-2019-15745
The Eques elf smart plug and the mobile app use a hardcoded AES 256 bit key to encrypt the commands and responses between the device and the app. The communication happens over UDP port 27431. An attacker on the local network can use the same key to encrypt and send commands to discover all smart...
CVE-2024-46041
IoT Haat Smart Plug IH-IN-16A-S v5.16.1 is vulnerable to Authentication Bypass by Capture-replay...
CVE-2024-46040
IoT Haat Smart Plug IH-IN-16A-S IH-IN-16A-S v5.16.1 suffers from Insufficient Session Expiration. The lack of validation of the authentication token at the IoT Haat during the Access Point Pairing mode leads the attacker to replay the Wi-Fi packets and forcefully turn off the access point after t...
CVE-2024-46040
IoT Haat Smart Plug IH-IN-16A-S IH-IN-16A-S v5.16.1 suffers from Insufficient Session Expiration. The lack of validation of the authentication token at the IoT Haat during the Access Point Pairing mode leads the attacker to replay the Wi-Fi packets and forcefully turn off the access point after t...
IoT Haat Smart Plug IH-IN-16A-S 安全漏洞
IoT Haat Smart Plug IH-IN-16A-S is a smart plug from IoT Haat. A security vulnerability exists in IoT Haat Smart Plug IH-IN-16A-S version v5.16.1, which stems from the presence of a session expiration insufficiency issue and lack of validation of authentication tokens, which could lead to an...
IoT Haat Smart Plug IH-IN-16A-S 安全漏洞
IoT Haat Smart Plug IH-IN-16A-S is a smart plug from IoT Haat. A security vulnerability exists in IoT Haat Smart Plug IH-IN-16A-S version v5.16.1, which stems from vulnerability to capture replay authentication bypass attacks...
CVE-2024-46040
IoT Haat Smart Plug IH-IN-16A-S IH-IN-16A-S v5.16.1 suffers from Insufficient Session Expiration. The lack of validation of the authentication token at the IoT Haat during the Access Point Pairing mode leads the attacker to replay the Wi-Fi packets and forcefully turn off the access point after t...
PT-2024-31882 · Iot Haat · Iot Haat Smart Plug Ih-In-16A-S
Name of the Vulnerable Software and Affected Versions: IoT Haat Smart Plug IH-IN-16A-S version 5.16.1 Description: The issue is related to Insufficient Session Expiration. The lack of validation of the authentication token at the IoT Haat during the Access Point Pairing mode allows an attacker to...
CVE-2024-46041
IoT Haat Smart Plug IH-IN-16A-S v5.16.1 is affected by CVE-2024-46041: an Authentication Bypass via capture-replay during Provisioning (Access Point pairing). Public sources (NVD/Red Hat/CNNVD) confirm the product and version, describing an authentication-token replay attack that can bypass login...
CVE-2024-46040
IoT Haat Smart Plug IH-IN-16A-S v5.16.1 is affected by Insufficient Session Expiration due to lack of validation of the authentication token during the Access Point Pairing mode. This enables an attacker to replay Wi-Fi provisioning packets and forcibly turn off the access point after the token e...
CVE-2024-46041
IoT Haat Smart Plug IH-IN-16A-S v5.16.1 is vulnerable to Authentication Bypass by Capture-replay...
CVE-2024-46041
IoT Haat Smart Plug IH-IN-16A-S v5.16.1 is vulnerable to Authentication Bypass by Capture-replay...
CVE-2023-36160
An issue was discovered in Qubo Smart Plug10A version HSP02010114SYSTEM-10 A, allows local attackers to gain sensitive information and other unspecified impact via UART console...
CVE-2023-36160
An issue was discovered in Qubo Smart Plug10A version HSP02010114SYSTEM-10 A, allows local attackers to gain sensitive information and other unspecified impact via UART console...