An issue in Kloudq Technologies Limited Tor Equip 1.0, Tor Loco Mini 1.0 through 3.1 allows a remote attacker to execute arbitrary code via a crafted request to the MQTT component.
References
| Link | Resource |
|---|---|
| https://writeups.ayyappan.me/v/tor-iot-mqtt/ | Exploit Press/Media Coverage Third Party Advisory |
| https://writeups.ayyappan.me/v/tor-iot-mqtt/ | Exploit Press/Media Coverage Third Party Advisory |
Configurations
History
21 Nov 2024, 08:21
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://writeups.ayyappan.me/v/tor-iot-mqtt/ - Exploit, Press/Media Coverage, Third Party Advisory |
01 Dec 2023, 16:56
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-287 | |
| First Time |
Kloudq tor Lenz
Kloudq tor Equip Gateway Kloudq tor Loco Min Kloudq Kloudq tor Shield |
|
| CPE | cpe:2.3:a:kloudq:tor_equip_gateway:1.0:*:*:*:*:mqtt:*:* cpe:2.3:a:kloudq:tor_loco_min:*:*:*:*:*:mqtt:*:* cpe:2.3:a:kloudq:tor_shield:1.0:*:*:*:*:mqtt:*:* cpe:2.3:a:kloudq:tor_lenz:0.0.1:*:*:*:*:mqtt:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
| References | () https://writeups.ayyappan.me/v/tor-iot-mqtt/ - Exploit, Press/Media Coverage, Third Party Advisory |
15 Nov 2023, 22:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-11-15 22:15
Updated : 2024-11-21 08:21
NVD link : CVE-2023-41442
Mitre link : CVE-2023-41442
CVE.ORG link : CVE-2023-41442
JSON object : View
Products Affected
kloudq
- tor_loco_min
- tor_equip_gateway
- tor_shield
- tor_lenz
CWE
CWE-287
Improper Authentication