CVE-2018-11315

Exploit

EPSS 0.08%
Veröffentlicht 20.05.2018 13:29:00
Zuletzt bearbeitet 21.11.2024 03:43:07
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The Local HTTP API in Radio Thermostat CT50 and CT80 1.04.84 and below products allows unauthorized access via a DNS rebinding attack. This can result in remote device temperature control, as demonstrated by a tstat t_heat request that accesses a device purchased in the Spring of 2018, and sets a home's target temperature to 95 degrees Fahrenheit. This vulnerability might be described as an addendum to CVE-2013-4860.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Radiothermostat ≫ Ct50 Firmware Version <= 1.04.84

Radiothermostat ≫ Ct50 Version-

Radiothermostat ≫ Ct80 Firmware Version <= 1.04.84

Radiothermostat ≫ Ct80 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.08%	0.256

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	3.3	6.5	2.9	AV:A/AC:L/Au:N/C:N/I:P/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://github.com/brannondorsey/radio-thermostat

Third Party Advisory

Exploit

https://medium.com/%40brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325

https://www.wired.com/story/chromecast-roku-sonos-dns-rebinding-vulnerability

https://nvd.nist.gov/vuln/detail/CVE-2018-11315

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-11315

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-11315

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2018-11315