3 matches found
Authentication flaw
An unsafe authentication interface was discovered in Smart Battery A4, a multifunctional portable charger, firmware version ?= r1.7.9 . An attacker can bypass authentication without modifying device file and gain web page management privilege...
CVE-2019-15069
CVE-2019-15069 affects Smart Battery A4 via an unsafe authentication interface in firmware versions up to r1.7.9. An attacker can bypass authentication and obtain web page management privileges without modifying device files. The CVE is corroborated by multiple sources in the connected set (NVD e...
CVE-2019-15068
CVE-2019-15068 concerns the Smart Battery A4 portable charger. Connected sources confirm a broken access control flaw affecting firmware versions up to and including r1.7.9, enabling an attacker to obtain or reset the administrator password without authentication. The vulnerability is described a...