CVE-2020-11015

CVE-2020-11015

A vulnerability has been disclosed in thinx-device-api IoT Device Management Server before version 2.5.0.
Device MAC address can be spoofed. This means initial registration requests without UDID and spoofed MAC
address may pass to create new UDID with same MAC address. Full impact needs to be reviewed further. Applies
to all (mostly ESP8266/ESP32) users.

This has been fixed in firmware version 2.5.0.

Source: CVE-2020-11015

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다