CVE-2017-6445

Posted on by admin

CVE-2017-6445

The auto-update feature of Open Embedded Linux Entertainment Center (OpenELEC) 6.0.3 and 7.0.1 uses neither encrypted connections nor signed updates. A man-in-the-middle attacker could manipulate the update packages to gain root access remotely.

Source: CVE-2017-6445

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다