20 matches found
EUVD-2016-6011
Malware in sbrugna...
CVE-2016-5053
OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary commands via TCP port 4000...
CVE-2016-5056
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK...
CVE-2016-5051
OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 stores a PSK in cleartext under /private/var/mobile/Containers/Data/Application...
CVE-2016-5054
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay...
CVE-2016-5055
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page...
Design/Logic Flaw
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay...
Buffer overflow
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 does not use SSL pinning...
Design/Logic Flaw
OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary commands via TCP port 4000...
Code injection
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page...
Buffer overflow
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK...
Buffer overflow
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning...
Design/Logic Flaw
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay...
CVE-2016-5056
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK...
CVE-2016-5051
OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 stores a PSK in cleartext under /private/var/mobile/Containers/Data/Application...
CVE-2016-5054
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay...
CVE-2016-5059
CVE-2016-5059 involves OSRAM SYLVANIA Osram Lightify Home. The CNVD entry (CNVD-2017-12298) describes it as a vulnerability in versions up to 2016-07-26 where the application fails to implement SSL pinning, enabling a man-in-the-middle attacker to intercept SSL/TLS traffic from the affected syste...
CVE-2016-5052
OSRAM SYLVANIA Osram Lightify Home is affected by CVE-2016-5052. The issue stems from the product’s failure to use SSL pinning in versions up to 2016-07-26, allowing a potential attacker to perform a man-in-the-middle (MITM) attack and intercept SSL/TLS traffic. The CNVD entry confirms the vulner...
CVE-2016-5055
CVE-2016-5055 affects OSRAM SYLVANIA Osram Lightify Pro prior to 2016-07-26, with XSS in the username field and the Wireless Client Mode configuration page. NVD data lists CVSS2/3 base scores (4.3/6.1) and NETWORK attack vector; impact includes partial integrity and low confidentiality, with user...
CVE-2016-5055
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page...