11 matches found
EUVD-2026-12227
arduino-TuyaOpen before version 1.2.1 contains a single-byte buffer overflow vulnerability in the WiFiMulti component. When the victim's smart hardware connects to an attacker-controlled AP hotspot, the attacker can exploit the overflow to execute arbitrary code on the affected embedded device...
CVE-2026-28520
arduino-TuyaOpen before version 1.2.1 contains a single-byte buffer overflow vulnerability in the WiFiMulti component. When the victim's smart hardware connects to an attacker-controlled AP hotspot, the attacker can exploit the overflow to execute arbitrary code on the affected embedded device...
CVE-2026-28520
arduino-TuyaOpen before version 1.2.1 contains a single-byte buffer overflow vulnerability in the WiFiMulti component. When the victim's smart hardware connects to an attacker-controlled AP hotspot, the attacker can exploit the overflow to execute arbitrary code on the affected embedded device...
CVE-2026-28520 arduino-TuyaOpen WiFiMulti Single-Byte Buffer Overflow Remote Code Execution
arduino-TuyaOpen before version 1.2.1 contains a single-byte buffer overflow vulnerability in the WiFiMulti component. When the victim's smart hardware connects to an attacker-controlled AP hotspot, the attacker can exploit the overflow to execute arbitrary code on the affected embedded device...
EUVD-2025-202619
The mobile application was found to contain stored credentials for the network it was developed on. If an attacker retrieved this, and found the physical location of the Wi-Fi network, they could gain unauthorized access to the Wi-Fi network of the vendor. Additionally, if an attacker were locate...
CVE-2025-65823
The Meatmeet Pro was found to be shipped with hardcoded Wi-Fi credentials in the firmware, for the test network it was developed on. If an attacker retrieved this, and found the physical location of the Wi-Fi network, they could gain unauthorized access to the Wi-Fi network of the vendor...
CVE-2025-65823
The Meatmeet Pro was found to be shipped with hardcoded Wi-Fi credentials in the firmware, for the test network it was developed on. If an attacker retrieved this, and found the physical location of the Wi-Fi network, they could gain unauthorized access to the Wi-Fi network of the vendor...
CVE-2025-65826
The mobile application was found to contain stored credentials for the network it was developed on. If an attacker retrieved this, and found the physical location of the Wi-Fi network, they could gain unauthorized access to the Wi-Fi network of the vendor. Additionally, if an attacker were locate...
CVE-2025-65826
CVE-2025-65826 affects the Meatmeet Pro mobile application (examples in multiple disclosures show the vulnerability stemming from hard-coded/stored network credentials within the app). The issue enables attackers who obtain the credentials and the device’s Wi‑Fi network location to gain unauthori...
CVE-2025-65823
CVE-2025-65823 affects the Meatmeet Pro device. The firmware reportedly ships with hardcoded Wi‑Fi credentials from its test network, enabling an attacker who obtains these credentials to gain unauthorized access to the vendor’s Wi‑Fi network. Additionally, a nearby attacker during initial setup ...
PT-2025-50501
Name of the Vulnerable Software and Affected Versions Mobile application affected versions not specified Description The mobile application stores network credentials. An attacker retrieving these credentials, along with the physical location of the Wi-Fi network, could gain unauthorized access t...