Lucene search
+L

78 matches found

cnnvd
cnnvd
added 2023/04/04 12:0 a.m.7 views

多款Nexx产品授权问题漏洞

Nexx Garage Door Controller and others are products of Nexx Corporation.Nexx Garage Door Controller is a garage door controller.Nexx Smart Plug is a smart plug.Nexx Smart Alarm is a smart alarm. A security vulnerability exists in the Nexx Smart Home Device that stems from allowing any user to...

8.1CVSS5.2AI score0.00517EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2023/04/04 12:0 a.m.12 views

PT-2023-2619 · Nexx · Nexx Smart Alarm +2

Name of the Vulnerable Software and Affected Versions: Nexx Garage Door Controller versions NXG-100B, NXG-200 Nexx Smart Plug version NXPG-100W Nexx Smart Alarm version NXAL-100 Description: The issue is related to the use of hard-coded credentials in the firmware of Nexx Smart Home devices. This...

10CVSS9.5AI score0.00826EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2023/04/04 12:0 a.m.5 views

PT-2023-2623 · Nexx · Nexx Garage Door Controller +3

Name of the Vulnerable Software and Affected Versions: Nexx Smart Home devices affected versions not specified Nexx Garage Door Controller NXG-100B, NXG-200 Nexx Smart Plug NXPG-100W Nexx Smart Alarm NXAL-100 Description: The issue is related to weaknesses in the authentication procedure of Nexx...

8.1CVSS4.6AI score0.00517EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2023/04/04 12:0 a.m.6 views

PT-2023-2620 · Nexx · Nexx Smart Alarm +2

Name of the Vulnerable Software and Affected Versions: Nexx Garage Door Controller versions NXG-100B, NXG-200 Nexx Smart Plug version NXPG-100W Nexx Smart Alarm version NXAL-100 Description: The issue is related to a lack of proper access control when executing actions on Nexx Smart Home devices...

6.8CVSS6.5AI score0.00501EPSS
Exploits0References7
cnnvd
cnnvd
added 2023/04/04 12:0 a.m.5 views

多款Nexx产品信任管理问题漏洞

Nexx Garage Door Controller and others are products of Nexx Corporation.Nexx Garage Door Controller is a garage door controller.Nexx Smart Plug is a smart plug.Nexx Smart Alarm is a smart alarm. A security vulnerability exists in the Nexx Smart Home Device that stems from the use of hard-coded...

10CVSS8.8AI score0.00826EPSS
Exploits0References3
cnvd
cnvd
added 2021/08/12 12:0 a.m.16 views

D-Link DSP-W215 null pointer dereference vulnerability

The D-Link DSP-W215 is a smart plug product from D-Link, a Taiwan-based company. A security vulnerability exists in the D-Link DSP-W215 1.10, which can be exploited by attackers to cause a denial of service for related devices...

7.5CVSS4.6AI score0.01127EPSS
Exploits0References1
trellix
trellix
added 2020/08/18 12:0 a.m.17 views

‘Insight’ into Home Automation Reveals Vulnerability in Simple IoT Product

ARCHIVED STORY ‘Insight’ into Home Automation Reveals Vulnerability in Simple IoT Product By Douglas McKee · August 18, 2020 Eoin Carroll, Charles McFarland, Kevin McGrath, and Mark Bereza contributed to this report. The Internet of Things promises to make our lives easier. Want to remotely turn...

8.5AI score0.03701EPSS
Exploits0
trellix
trellix
added 2020/08/18 12:0 a.m.9 views

‘Insight’ into Home Automation Reveals Vulnerability in Simple IoT Product

ARCHIVED STORY ‘Insight’ into Home Automation Reveals Vulnerability in Simple IoT Product By Douglas McKee · August 18, 2020 Eoin Carroll, Charles McFarland, Kevin McGrath, and Mark Bereza contributed to this report. The Internet of Things promises to make our lives easier. Want to remotely turn...

10CVSS9.6AI score0.03701EPSS
Exploits0
cnvd
cnvd
added 2020/05/19 12:0 a.m.3 views

D-Link DSP-W215 Information Disclosure Vulnerability (CNVD-2020-33174)

The D-Link DSP-W215 is a smart plug product from Taiwan, China-based AUO D-Link. A security vulnerability exists in D-Link DSP-W215 version 1.26b03. An attacker can exploit the vulnerability to cause information disclosure...

6.5CVSS6.6AI score0.00755EPSS
Exploits0References1
cnvd
cnvd
added 2019/09/02 12:0 a.m.3 views

Unspecified Vulnerability in Eques Technology elf smart plug

Eques Technology elf smart plug is a smart plug device from Eques Technology in China. A security vulnerability exists in the Eques Technology elf smart plug. An attacker could use this vulnerability to discover all smart plugs in a network, take control of the device and perform actions...

8.8CVSS6.9AI score0.01377EPSS
Exploits1References1
nvd
nvd
added 2019/08/29 1:15 p.m.19 views

CVE-2019-15745

The Eques elf smart plug and the mobile app use a hardcoded AES 256 bit key to encrypt the commands and responses between the device and the app. The communication happens over UDP port 27431. An attacker on the local network can use the same key to encrypt and send commands to discover all smart...

8.8CVSS8.7AI score0.01377EPSS
Exploits1References5
prion
prion
added 2019/08/29 1:15 p.m.25 views

Hardcoded credentials

The Eques elf smart plug and the mobile app use a hardcoded AES 256 bit key to encrypt the commands and responses between the device and the app. The communication happens over UDP port 27431. An attacker on the local network can use the same key to encrypt and send commands to discover all smart...

3.3CVSS8.5AI score0.01377EPSS
Exploits1References5
cve
cve
added 2019/08/29 12:40 p.m.46 views

CVE-2019-15745

The CVE-2019-15745 entry concerns the Eques elf smart plug (and its mobile app). The vulnerability arises from a hardcoded AES-256 key used to encrypt commands/responses between the device and the app, with communication over UDP port 27431. According to the sources, an attacker on the local netw...

8.8CVSS8.5AI score0.01377EPSS
Exploits1References5Affected Software1
cvelist
cvelist
added 2019/08/29 12:40 p.m.29 views

CVE-2019-15745

The Eques elf smart plug and the mobile app use a hardcoded AES 256 bit key to encrypt the commands and responses between the device and the app. The communication happens over UDP port 27431. An attacker on the local network can use the same key to encrypt and send commands to discover all smart...

8.7AI score0.01377EPSS
Exploits1References5
trellix
trellix
added 2019/04/18 12:0 a.m.15 views

IoT Zero-Days – Is Belkin WeMo Smart Plug the Next Malware Target?

ARCHIVED STORY IoT Zero-Days – Is Belkin WeMo Smart Plug the Next Malware Target? By Steve Povolny · April 18, 2019 Effective malware is typically developed with intention, targeting specific victims using either known or unknown vulnerabilities to achieve its primary functions. In this blog, we...

0.2AI score0.03701EPSS
Exploits0
trellix
trellix
added 2019/04/18 12:0 a.m.16 views

IoT Zero-Days – Is Belkin WeMo Smart Plug the Next Malware Target?

ARCHIVED STORY IoT Zero-Days – Is Belkin WeMo Smart Plug the Next Malware Target? By Steve Povolny · April 18, 2019 Effective malware is typically developed with intention, targeting specific victims using either known or unknown vulnerabilities to achieve its primary functions. In this blog, we...

10CVSS8.7AI score0.03701EPSS
Exploits0
cnvd
cnvd
added 2018/08/23 12:0 a.m.6 views

Belkin Wemo Insight Smart Plug Stack Buffer Overflow Vulnerability

Belkin Wemo Insight Smart Plug is a smart plug device from Belkin USA. A stack buffer overflow vulnerability exists in the libUPnPHndlr.so file in the Belkin Wemo Insight Smart Plug. A remote attacker can exploit this vulnerability to bypass local security protections with the help of specially...

10CVSS6.3AI score0.03701EPSS
Exploits0References1
cvelist
cvelist
added 2018/08/21 2:0 p.m.21 views

CVE-2018-6692 Wemo Insight Smart Plug - Remote Code Execution vulnerability

Stack-based Buffer Overflow vulnerability in libUPnPHndlr.so in Belkin Wemo Insight Smart Plug allows remote attackers to bypass local security protection via a crafted HTTP post packet...

5.9CVSS9.1AI score0.03701EPSS
Exploits0References1
cve
cve
added 2018/08/21 2:0 p.m.48 views

CVE-2018-6692

CVE-2018-6692 describes a stack-based buffer overflow in Belkin’s Wemo Insight Smart Plug, specifically in the library libUPnPHndlr.so. The flaw can be triggered by crafting an HTTP POST to UPnP endpoints (notably through the EnergyPerUnitCostVersion field inside a SOAP/UPnP payload), leading to ...

10CVSS7.2AI score0.03701EPSS
Exploits0References1Affected Software1
nessus
nessus
added 2018/07/18 12:0 a.m.14 views

Belkin WeMo Switch Smart Plug Detection via SSDP

Binary data 700294.prm...

7.3AI score
Exploits0References1
Rows per page
Query Builder