4 matches found
CVE-2018-11629
Default and unremovable support credentials user:lutron password:integration allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWorks QS Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not...
Design/Logic Flaw
DISPUTED Default and unremovable support credentials user:lutron password:integration allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWorks QS Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this ...
CVE-2018-11629
CVE-2018-11629 affects Lutron HomeWorks QS devices using the HomeWorks QS integration protocol (Rev M–Y). The issue arises from default, unremovable credentials (user: lutron, password: integration) that permit Telnet access and full admin-like control of the IoT device. Exploitation appears to e...
PT-2018-10714 · Lutron · Homeworks Qs
Name of the Vulnerable Software and Affected Versions: HomeWorks QS Lutron integration protocol versions Revision M through Revision Y Description: The issue allows attackers to gain total super user control of an IoT device through a TELNET session. Default and unremovable support credentials ar...