CVE-2021-32934

The affected ThroughTek P2P products SDKs using versions before 3.1.5, any versions with nossl tag, device firmware not using AuthKey for IOTC conneciton, firmware using AVAPI module without enabling DTLS mechanism, and firmware using P2PTunnel or RDT module do not sufficiently protect data...

Critical ThroughTek SDK Bug Could Let Attackers Spy On Millions of IoT Devices

A security vulnerability has been found affecting several versions of ThroughTek Kalay P2P Software Development Kit SDK, which could be abused by a remote attacker to take control of an affected device and potentially lead to remote code execution. Tracked as CVE-2021-28372 CVSS score: 9.6 and...