all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2022-43704 - Capture-Replay Vulnerability in Sinilink XY-WFT1 Thermostat

Add to bookmarks
Jan. 12, 2023, midnight |

SpiderLabs Blog from Trustwave www.trustwave.com

Trustwave SpiderLabs has found a vulnerability in the Sinilink XY-WFT1 Remote WiFi home Thermostat. When running firmware V1.3.6, it allows an attacker to replay the same data or similar data, possibly allowing an attacker to control the device attached to the relay without requiring authentication.

authentication capture control cve data device firmware home relay replay trustwave trustwave spiderlabs vulnerability wifi

Visit resource

More from www.trustwave.com / SpiderLabs Blog from Trustwave

Guardians of the Gateway: Identity and Access Management Best Practices 18 hours ago | www.trustwave.com
access access management best practices blog +16
Protecting Zion: InfoSec Encryption Concepts and Tips 1 week ago | www.trustwave.com
blog blog posts can concepts +11
EDR – The Multi-Tool of Security Defenses 2 weeks ago | www.trustwave.com
blog blog posts can cybersecurity +10
The Invisible Battleground: Essentials of EASM 2 weeks ago | www.trustwave.com
attack attack surface attack surface management cyber +13
Fake Dialog Boxes to Make Malware More Convincing 2 weeks, 5 days ago | www.trustwave.com
dialog engagement fake loader +7
The Secret Cipher: Modern Data Loss Prevention Solutions 3 weeks ago | www.trustwave.com
automated can cipher data +18
CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway 3 weeks, 3 days ago | www.trustwave.com
alto arbitrary code attacker code +25
CNAPP, CSPM, CIEM, CWPP – Oh My! 4 weeks ago | www.trustwave.com
alphabet ciem cnapp cspm +9
Phishing Deception - Suspended Domains Reveal Malicious Payload for Latin American Region 1 month ago | www.trustwave.com
american attachment campaign deception +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Operations Program Manager

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Sr. Network Security engineer

@ NXP Semiconductors | Bengaluru (Nagavara)
View on infosec-jobs.com

DevSecOps Engineer

@ RP Pro Services | Washington, District of Columbia, United States
View on infosec-jobs.com

Consultant RSSI H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

TW Senior Test Automation Engineer (Access Control & Intrusion Systems)

@ Bosch Group | Taipei, Taiwan
View on infosec-jobs.com

Cyber Security, Senior Manager

@ Triton AI Pte Ltd | Singapore, Singapore, Singapore
View on infosec-jobs.com
View more jobs