5 matches found
CVE-2016-5056
CVE-2016-5056 affects OSRAM SYLVANIA Osram Lightify Pro devices with a PSK limited to 8 hex digits (firmware prior to 2016-07-26). Connected data also references OSRAM Lightify Home vulnerabilities (e.g., MITM risk due to lack of SSL pinning) in related ENISA/CNVD entries, but the Lightify Pro PS...
CVE-2016-5057
The CVE-2016-5057 issue affects OSRAM SYLVANIA Osram Lightify Pro, caused by the product not using SSL pinning. This enables potential MITM scenarios where an attacker could intercept SSL traffic. Public details in connected CNVD/EUVD entries indicate versions up to 2016-07-26 are affected. No of...
CVE-2016-5059
CVE-2016-5059 involves OSRAM SYLVANIA Osram Lightify Home. The CNVD entry (CNVD-2017-12298) describes it as a vulnerability in versions up to 2016-07-26 where the application fails to implement SSL pinning, enabling a man-in-the-middle attacker to intercept SSL/TLS traffic from the affected syste...
CVE-2016-5055
CVE-2016-5055 affects OSRAM SYLVANIA Osram Lightify Pro prior to 2016-07-26, with XSS in the username field and the Wireless Client Mode configuration page. NVD data lists CVSS2/3 base scores (4.3/6.1) and NETWORK attack vector; impact includes partial integrity and low confidentiality, with user...
CVE-2016-5058
CVE-2016-5058 references OSRAM SYLVANIA Osram Lightify Pro/Lightify Home. Connected CNVD data reveals a MITM vulnerability in Lightify Home due to the program’s failure to use SSL pinning, affecting versions 2016-07-26 and earlier. An attacker could intercept SSL/TLS traffic and capture encrypted...