CVE-2024-7206

SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS communication and Extract secrets to clone the device via Flash the modified firmware
CVSS

No CVSS.

Configurations

No configuration.

History

10 Oct 2024, 12:56

Type Values Removed Values Added
Summary
  • (es) Omisión de fijación SSL en eWeLink Algunos productos de hardware permiten a un ATACANTE local descifrar la comunicación TLS y extraer secretos para clonar el dispositivo a través de Flash del firmware modificado

08 Oct 2024, 07:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-08 07:15

Updated : 2024-10-10 12:56


NVD link : CVE-2024-7206

Mitre link : CVE-2024-7206

CVE.ORG link : CVE-2024-7206


JSON object : View

Products Affected

No product.

CWE
CWE-295

Improper Certificate Validation

CWE-798

Use of Hard-coded Credentials