11 matches found
EUVD-2022-46686
Malicious code in bioql PyPI...
CVE-2022-43704
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol udp/1024 commands interfacing directly with the target device. This, in turn, allows for...
CVE-2022-43704
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol udp/1024 commands interfacing directly with the target device. This, in turn, allows for...
CVE-2022-43704
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol udp/1024 commands interfacing directly with the target device. This, in turn, allows for...
Design/Logic Flaw
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol udp/1024 commands interfacing directly with the target device. This, in turn, allows for...
CVE-2022-43704
CVE-2022-43704 affects Sinilink XY-WFT1 WiFi Remote Thermostat (firmware 1.3.6). The issue allows an attacker to bypass the requirement to use MQTT and replay SINILINK521 protocol commands over UDP/1024, interfacing directly with the device to control the onboard relay without mobile-app authenti...
PT-2023-14296 · Sinilink · Sinilink Xy-Wft1 Wifi Remote Thermostat
Name of the Vulnerable Software and Affected Versions: Sinilink XY-WFT1 WiFi Remote Thermostat version 1.3.6 Description: The issue allows an attacker to bypass the intended requirement to communicate using MQTT, enabling them to replay Sinilink aka SINILINK521 protocol commands via udp/1024 to...
Sinilink XY-WFT1 WiFi Remote Thermostat 安全漏洞
Sinilink XY-WFT1 WiFi Remote Thermostat is a remote thermostat from Sinilink. A security vulnerability exists in the Sinilink XY-WFT1 WiFi Remote Thermostat version 1.3.6, which stems from the lack of need to authenticate via a mobile application, allowing an attacker to bypass the expected...
CVE-2022-43704
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol udp/1024 commands interfacing directly with the target device. This, in turn, allows for...
CVE-2022-43704
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol udp/1024 commands interfacing directly with the target device. This, in turn, allows for...
Exploit for Authentication Bypass by Capture-replay in Sinilink Xy-Wft1_Firmware
CVE-2022-43704 - Channel Accessible by Non-Endpoint/Authentica...