RSS   Vulnerabilities for 'Smart home firmware'   RSS

2018-03-31
 
CVE-2018-9162

CWE-306
 

 
Contec Smart Home 4.15 devices do not require authentication for new_user.php, edit_user.php, delete_user.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors.

 


Copyright 2024, cxsecurity.com

 

Back to Top