6 matches found
EUVD-2022-46686
Malicious code in bioql PyPI...
CVE-2022-43704
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol udp/1024 commands interfacing directly with the target device. This, in turn, allows for...
CVE-2022-43704
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol udp/1024 commands interfacing directly with the target device. This, in turn, allows for...
Design/Logic Flaw
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol udp/1024 commands interfacing directly with the target device. This, in turn, allows for...
CVE-2022-43704
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol udp/1024 commands interfacing directly with the target device. This, in turn, allows for...
CVE-2022-43704
CVE-2022-43704 affects Sinilink XY-WFT1 WiFi Remote Thermostat (firmware 1.3.6). The issue allows an attacker to bypass the requirement to use MQTT and replay SINILINK521 protocol commands over UDP/1024, interfacing directly with the device to control the onboard relay without mobile-app authenti...