Lucene search
+L

78 matches found

cve
cve
added 2023/09/15 12:0 a.m.37 views

CVE-2023-36160

CVE-2023-36160 affects Qubo Smart Plug10A, specifically version HSP02_01_01_14_SYSTEM-10 A. The issue permits local attackers to access sensitive information via the UART console, with the exposed impact limited to confidentiality (as per the CVSS and vendor notes) and without other confirmed exp...

5.5CVSS5.5AI score0.00163EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2023/09/15 12:0 a.m.7 views

PT-2023-25460 · Unknown · Qubo Smart Plug 10A

Name of the Vulnerable Software and Affected Versions: Qubo Smart Plug10A version HSP02 01 01 14 SYSTEM-10 A Description: An issue was discovered in Qubo Smart Plug10A, allowing local attackers to gain sensitive information and other unspecified impact via UART console. Recommendations: For Qubo...

5.5CVSS5.6AI score0.00163EPSS
Exploits0References5
cnnvd
cnnvd
added 2023/09/15 12:0 a.m.5 views

Qubo Smart Plug Security Vulnerability

Qubo Smart Plug is a smart plug from Qubo. It effectively manages and tracks the energy consumption of devices through real-time power monitoring. A security vulnerability exists in Qubo Smart Plug version 10A HSP02010114SYSTEM-10 A. The vulnerability stems from a vulnerability that allows an...

5.5CVSS6.7AI score0.00163EPSS
Exploits0References3
osv
osv
added 2023/09/11 1:15 p.m.5 views

CVE-2023-36161

An issue was discovered in Qubo Smart Plug 10A version HSP02010114SYSTEM-10A, allows attackers to cause a denial of service DoS via Wi-Fi deauthentication...

7.5CVSS7.1AI score0.00545EPSS
Exploits0References1
attackerkb
attackerkb
added 2023/09/11 1:15 p.m.7 views

CVE-2023-36161

An issue was discovered in Qubo Smart Plug 10A version HSP02010114SYSTEM-10A, allows attackers to cause a denial of service DoS via Wi-Fi deauthentication...

7.5CVSS5.8AI score0.00545EPSS
Exploits0References2
prion
prion
added 2023/09/11 1:15 p.m.20 views

Design/Logic Flaw

An issue was discovered in Qubo Smart Plug 10A version HSP02010114SYSTEM-10A, allows attackers to cause a denial of service DoS via Wi-Fi deauthentication...

5CVSS7.3AI score0.00545EPSS
Exploits0References1Affected Software1
cnnvd
cnnvd
added 2023/09/11 12:0 a.m.6 views

Qubo Smart Plug Security Vulnerability

Qubo Smart Plug is a smart plug from Qubo. It effectively manages and tracks the energy consumption of devices through real-time power monitoring. A security vulnerability exists in the Qubo Smart Plug version 10A HSP02010114SYSTEM-10A, which stems from a vulnerability that allows an attacker to...

7.5CVSS6.6AI score0.00545EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2023/09/11 12:0 a.m.12 views

CVE-2023-36161

An issue was discovered in Qubo Smart Plug 10A version HSP02010114SYSTEM-10A, allows attackers to cause a denial of service DoS via Wi-Fi deauthentication...

6.8AI score0.00545EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2023/09/11 12:0 a.m.7 views

PT-2023-25461 · Unknown · Qubo Smart Plug 10A

Name of the Vulnerable Software and Affected Versions: Qubo Smart Plug 10A version HSP02 01 01 14 SYSTEM-10A Description: An issue was discovered in the Qubo Smart Plug 10A, allowing attackers to cause a denial of service DoS via Wi-Fi deauthentication. Recommendations: For Qubo Smart Plug 10A...

7.5CVSS7.2AI score0.00545EPSS
Exploits0References7
cve
cve
added 2023/09/11 12:0 a.m.56 views

CVE-2023-36161

The CVE-2023-36161 entry concerns the Qubo Smart Plug 10A, specifically version HSP02_01_01_14_SYSTEM-10A. The connected documents corroborate a vulnerability that enables an attacker to cause a denial of service (DoS) through Wi‑Fi deauthentication. The risk is tied to the product’s Wi‑Fi handli...

7.5CVSS7.3AI score0.00545EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2023/07/13 4:15 p.m.27 views

CVE-2023-33768

Incorrect signature verification of the firmware during the Device Firmware Update process of Belkin Wemo Smart Plug WSP080 v1.2 allows attackers to cause a Denial of Service DoS via a crafted firmware file...

6.5CVSS0.01106EPSS
Exploits1References3
prion
prion
added 2023/07/13 4:15 p.m.22 views

Design/Logic Flaw

Incorrect signature verification of the firmware during the Device Firmware Update process of Belkin Wemo Smart Plug WSP080 v1.2 allows attackers to cause a Denial of Service DoS via a crafted firmware file...

4.3CVSS6.3AI score0.01106EPSS
Exploits1References3Affected Software1
vulnrichment
vulnrichment
added 2023/07/13 12:0 a.m.12 views

CVE-2023-33768

Incorrect signature verification of the firmware during the Device Firmware Update process of Belkin Wemo Smart Plug WSP080 v1.2 allows attackers to cause a Denial of Service DoS via a crafted firmware file...

6.7AI score0.01106EPSS
Exploits1References3
cvelist
cvelist
added 2023/07/13 12:0 a.m.36 views

CVE-2023-33768

Incorrect signature verification of the firmware during the Device Firmware Update process of Belkin Wemo Smart Plug WSP080 v1.2 allows attackers to cause a Denial of Service DoS via a crafted firmware file...

6.5AI score0.01106EPSS
Exploits1References3
thn
thn
added 2023/05/17 10:17 a.m.4 views

Serious Unpatched Vulnerability Uncovered in Popular Belkin Wemo Smart Plugs

The second generation version of Belkin's Wemo Mini Smart Plug has been found to contain a buffer overflow vulnerability that could be weaponized by a threat actor to inject arbitrary commands remotely. The issue, assigned the identifier CVE-2023-27217 , was discovered and reported to Belkin on...

9.8CVSS7.7AI score0.0099EPSS
Exploits1
thn
thn
added 2023/05/17 10:17 a.m.46 views

Serious Unpatched Vulnerability Uncovered in Popular Belkin Wemo Smart Plugs

The second generation version of Belkin's Wemo Mini Smart Plug has been found to contain a buffer overflow vulnerability that could be weaponized by a threat actor to inject arbitrary commands remotely. The issue, assigned the identifier CVE-2023-27217, was discovered and reported to Belkin on...

7.8AI score0.0099EPSS
Exploits1
bdu_fstec
bdu_fstec
added 2023/05/11 12:0 a.m.7 views

The vulnerability of the microprogrammed software of the Nexx Garage Door Controller (NXG-100B, NXG-200), Nexx Smart Plug (NXPG-100W), and Nexx Smart Alarm (NXAL-100) stems from insufficient validation of input data. This allows intruders to obtain information intended for other devices.

The vulnerabilities of the microprogrammed software of the Nexx Garage Door Controller NXG-100B, NXG-200, Nexx Smart Plug NXPG-100W, and Nexx Smart Alarm NXAL-100 are related to insufficient verification of input data. Exploiting these vulnerabilities can allow an attacker operating remotely to...

7.5CVSS6AI score0.00586EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2023/05/11 12:0 a.m.10 views

The vulnerability of microprogrammed software in Nexx Garage Door Controllers (NXG-100B, NXG-200), Nexx Smart Plugs (NXPG-100W), and Nexx Smart Alarms (NXAL-100) lies in their susceptibility to being bypassed through the use of a user-controlled key. This allows intruders to alter the settings of the devices and gain access to information about them.

The vulnerability of the microprogrammed software of the Nexx Garage Door Controller NXG-100B, NXG-200, Nexx Smart Plug NXPG-100W, and Nexx Smart Alarm NXAL-100 lies in the ability to bypass authentication by using a user-controlled key. Exploiting this vulnerability could allow an intruder to...

7.5CVSS7.2AI score0.00485EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2023/05/11 12:0 a.m.8 views

The vulnerability of the microprogrammed software of the Nexx Garage Door Controller (NXG-100B, NXG-200), Nexx Smart Plug (NXPG-100W), and Nexx Smart Alarm (NXAL-100) lies in the ability to bypass authentication by using a user-controlled key. This allows intruders to execute arbitrary commands.

The vulnerability of the microprogrammed software of the Nexx Garage Door Controller NXG-100B, NXG-200, Nexx Smart Plug NXPG-100W, and Nexx Smart Alarm NXAL-100 lies in the ability to bypass authentication by using a user-controlled key. Exploiting this vulnerability allows an unauthorized person...

6.8CVSS7AI score0.00501EPSS
Exploits0References2
cve
cve
added 2023/04/04 4:56 p.m.110 views

CVE-2023-1748

CVE-2023-1748 affects Nexx Smart Home devices (Nexx Garage Door Controller NXG-100B/NXG-200, Nexx Smart Plug NXPG-100W, Nexx Smart Alarm NXAL-100). The root cause is use of hard-coded credentials, enabling an unauthenticated attacker with access to the Nexx Home mobile app or affected firmware to...

10CVSS9.6AI score0.00826EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder