13 matches found
EUVD-2022-38947
Malicious code in bioql PyPI...
CVE-2022-36228
Nokelock Smart padlock O1 Version 5.3.0 is vulnerable to Insecure Permissions. By sending a request, you can add any device and set the device password in the Nokelock app...
CVE-2022-36228
Nokelock Smart padlock O1 Version 5.3.0 is vulnerable to Insecure Permissions. By sending a request, you can add any device and set the device password in the Nokelock app...
Default credentials
Nokelock Smart padlock O1 Version 5.3.0 is vulnerable to Insecure Permissions. By sending a request, you can add any device and set the device password in the Nokelock app...
CVE-2022-36228
Nokelock Smart padlock O1 Version 5.3.0 is vulnerable to Insecure Permissions. By sending a request, you can add any device and set the device password in the Nokelock app...
CVE-2022-36228
CVE-2022-36228 affects Nokelock Smart padlock O1 version 5.3.0 with Insecure Permissions that allow sending a request to add any device and set the device password in the Nokelock app. Multiple connected sources corroborate the issue. Practical impact is elevated because an unauthenticated action...
CVE-2022-36228
Nokelock Smart padlock O1 Version 5.3.0 is vulnerable to Insecure Permissions. By sending a request, you can add any device and set the device password in the Nokelock app...
Unauthorized Access Vulnerability in O1 Smart Padlock of Shenzhen IOT Lock Technology Co.
O1 smart padlock produced by Shenzhen IOT Lock Technology Co., Ltd. is a smart lock that can be unlocked via Bluetooth using cell phone APP. Ltd. O1 smart padlock has an unauthorized access vulnerability that can be exploited by an attacker to remotely unlock the lock by replaying the user's unlo...
Authentication flaw
An authentication bypass in website post requests in the Tzumi Electronics Klic Lock application 1.0.9 for mobile devices allows attackers to access resources that are not otherwise accessible without proper authentication via capture-replay. Physically proximate attackers can use this informatio...
CVE-2019-11334
The CVE-2019-11334 issue is an authentication bypass in the Tzumi Electronics Klic Lock ecosystem. The vulnerability affects the Klic Lock mobile app (version 1.0.9) and the Klic Smart Padlock (Firmware 6.2). Attackers can exploit capture-replay of website POST requests to access resources that s...
CVE-2019-11334
An authentication bypass in website post requests in the Tzumi Electronics Klic Lock application 1.0.9 for mobile devices allows attackers to access resources that are not otherwise accessible without proper authentication via capture-replay. Physically proximate attackers can use this informatio...
What’s in the Box?
ARCHIVED STORY What’s in the Box? By Sam Quinn · February 25, 2019 2018 was another record-setting year in the continuing trend for consumer online shopping. With an increase in technology and efficiency, and a decrease in cost and shipping time, consumers have clearly made a statement that...
What’s in the Box?
ARCHIVED STORY What’s in the Box? By Sam Quinn · February 25, 2019 2018 was another record-setting year in the continuing trend for consumer online shopping. With an increase in technology and efficiency, and a decrease in cost and shipping time, consumers have clearly made a statement that...