2 matches found
CVE-2020-11015
CVE-2020-11015 affects the thinx-device-api IoT Device Management Server prior to firmware 2.5.0. The root issue allows a spoofed MAC address to bypass UDID checks during initial registration, potentially enabling creation of a new UDID with the same MAC address (noted to apply to ESP8266/ESP32 d...
CVE-2020-11015 Device Authentication Vulnerability in thinx-device-api IoT Device Management Server
A vulnerability has been disclosed in thinx-device-api IoT Device Management Server before version 2.5.0. Device MAC address can be spoofed. This means initial registration requests without UDID and spoofed MAC address may pass to create new UDID with same MAC address. Full impact needs to be...