EUVD-2021-15055

Malware in sbrugna...

ThroughTek Kalay Platform 安全漏洞

Throughtek ThroughTek Kalay Platform is an application from China's IOT Intelligence throughtek. The Kalay Cloud Platform service is enabled using P2P technology. A security vulnerability exists in ThroughTek Kalay Platform, which stems from an issue where there is an error in handling PSK...

ThroughTek Kalay Platform 数据伪造问题漏洞

Throughtek ThroughTek Kalay Platform is an application from China IOT Intelligence throughtek Inc. The Kalay Cloud Platform service is enabled using P2P technology. A data forgery issue vulnerability exists in ThroughTek Kalay Platform versions prior to 4.3.4.2, which stems from a vulnerability...

The vulnerability of the Kalay P2P SDK, related to bypassing authentication through spoofing, allows a perpetrator to compromise IoT devices and gain unauthorized access to protected information.

The vulnerability of the Kalay P2P SDK lies in the ability to bypass authentication through spoofing. Exploiting this vulnerability allows a malicious actor to compromise IoT devices and gain unauthorized access to protected information...

CVE-2021-28372

ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek TUTK device given a valid 20-byte uniquely assigned identifier UID. This could result in an attacker hijacking a victim's connection and forcing them into supplying credentials needed to access the...

CVE-2021-28372

ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek TUTK device given a valid 20-byte uniquely assigned identifier UID. This could result in an attacker hijacking a victim's connection and forcing them into supplying credentials needed to access the...

Code injection

ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek TUTK device given a valid 20-byte uniquely assigned identifier UID. This could result in an attacker hijacking a victim's connection and forcing them into supplying credentials needed to access the...

CVE-2021-28372

CVE-2021-28372 affects ThroughTek’s Kalay Platform (Kalay Platform 2.0) and Kalay P2P SDK. The root cause is a device impersonation flaw: an attacker who obtains a valid 20-byte Kalay UID can register or hijack a device on the Kalay network, causing client connections to be redirected and enablin...

CVE-2021-28372

ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek TUTK device given a valid 20-byte uniquely assigned identifier UID. This could result in an attacker hijacking a victim's connection and forcing them into supplying credentials needed to access the...

Millions of Web Camera and Baby Monitor Feeds Are Exposed

A vulnerability in the Kalay platform leaves countless IoT devices susceptible to hackers...

ThroughTek Kalay Platform 访问控制错误漏洞

throughtek ThroughTek Kalay Platform is an application from China IOT Intelligence Corporation throughtek Inc. The Kalay Cloud Platform service is enabled using P2P technology. An Access Control Error vulnerability exists in ThroughTek Kalay Platform that originates in the product network that...

PT-2021-3820 · Throughtek · Throughtek Kalay Platform +1

Name of the Vulnerable Software and Affected Versions: ThroughTek Kalay Platform version 2.0 ThroughTek Kalay P2P SDK affected versions not specified Description: The issue is related to the bypass of authentication via spoofing, allowing a remote attacker to compromise IoT devices and gain...