Описание
Radio Thermostat CT80 And CT50 with firmware 1.4.64 and earlier does not restrict access to the API, which allows remote attackers to change the operation mode, wifi connection settings, temperature thresholds, and other settings via unspecified vectors.
Ссылки
Уязвимые конфигурации
Конфигурация 1Версия до 1.4.64 (включая)
Одновременно
cpe:2.3:o:radiothermostat:ct50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:radiothermostat:ct50:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 1.4.64 (включая)
Одновременно
cpe:2.3:o:radiothermostat:ct80_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:radiothermostat:ct80:-:*:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.00401
Низкий
8.3 High
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
Radio Thermostat CT80 And CT50 with firmware 1.4.64 and earlier does not restrict access to the API, which allows remote attackers to change the operation mode, wifi connection settings, temperature thresholds, and other settings via unspecified vectors.
EPSS
Процентиль: 60%
0.00401
Низкий
8.3 High
CVSS2
Дефекты
CWE-264