Due to unencrypted and unauthenticated data communication, the wireless presenter Inateck WP1001 v1.3C is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim's computer system, e.g., to install malware when the target system is unattended. In this way, an attacker can remotely take control over the victim's computer that is operated with an affected receiver of this device.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/153184/Inateck-2.4-GHz-Wireless-Presenter-WP1001-Keystroke-Injection.html | Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2019/Jun/4 | Mailing List Third Party Advisory |
https://seclists.org/bugtraq/2019/Jun/2 | Mailing List Third Party Advisory |
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-007.txt | Third Party Advisory |
http://packetstormsecurity.com/files/153184/Inateck-2.4-GHz-Wireless-Presenter-WP1001-Keystroke-Injection.html | Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2019/Jun/4 | Mailing List Third Party Advisory |
https://seclists.org/bugtraq/2019/Jun/2 | Mailing List Third Party Advisory |
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-007.txt | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 04:22
Type | Values Removed | Values Added |
---|---|---|
References | () http://packetstormsecurity.com/files/153184/Inateck-2.4-GHz-Wireless-Presenter-WP1001-Keystroke-Injection.html - Third Party Advisory, VDB Entry | |
References | () http://seclists.org/fulldisclosure/2019/Jun/4 - Mailing List, Third Party Advisory | |
References | () https://seclists.org/bugtraq/2019/Jun/2 - Mailing List, Third Party Advisory | |
References | () https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-007.txt - Third Party Advisory |
Information
Published : 2019-06-07 21:29
Updated : 2024-11-21 04:22
NVD link : CVE-2019-12505
Mitre link : CVE-2019-12505
CVE.ORG link : CVE-2019-12505
JSON object : View
Products Affected
inateck
- wp1001_firmware
- wp1001