all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Multiple Vulnerabilities Found in Techview LA-5570 Wireless Gateway Home Automation Controller

Add to bookmarks
Aug. 28, 2023, 11:09 p.m. | /u/9lyph

/r/netsec - Information Security News & Discussion www.reddit.com

CVE-2023-34723

Vulnerability Type: Directory Indexing, allows a threat actor to list the contents of specific directories outside of the web root context.

CVE-2023-34724

Vulnerability Type: On-Chip Debug and Test Interface With Improper Access Control, allows a threat actor unrestricted access to the root filesystem using an exposed UART interface, without the need for authentication.

CVE-2023-34725

Vulnerability Type: Incorrect Access Control, allows a threat actor access to sensitive systems configuration files without proper authentication or authorisation.

access access control actor automation chip context control controller cve debug directory exposed filesystem found gateway home home automation interface list netsec root test the web threat threat actor vulnerabilities vulnerability web wireless

Visit resource

More from www.reddit.com / /r/netsec - Information Security News & Discussion

Flutter Windows Thick Client SSL Pinning Bypass 1 day ago | www.reddit.com
bypass client flutter netsec +5
Demystifying RCE Vulnerabilities in LLM-Integrated Apps 1 day, 2 hours ago | www.reddit.com
apps llm netsec rce +1
Ever wondered where your inserted data went? Our Burp Suite Extension FlowMate helps you find … 1 day, 4 hours ago | www.reddit.com
burp burp suite data extension +2
Microsoft Developer Blogs Search Tool 1 day, 14 hours ago | www.reddit.com
blogs developer microsoft netsec +2
North Korea's Lazarus Group Tied to Laundering $200M+ in Crypto Since 2020 2 days, 10 hours ago | www.reddit.com
crypto korea laundering lazarus +4
It’s Morphin’ Time: Self-Modifying Code Sections with WriteProcessMemory for EDR Evasion 2 days, 12 hours ago | www.reddit.com
code edr edr evasion evasion +1
A Basic Guide to AFL QEMU 3 days, 18 hours ago | www.reddit.com
afl basic binary function +6
Nearly 20% of Docker Hub Repositories were used to spread malware & phishing scams 4 days, 3 hours ago | www.reddit.com
docker docker hub malware netsec +4
Your NVMe Had Been Syz’ed: Fuzzing NVMe-oF/TCP with Syzkaller 4 days, 8 hours ago | www.reddit.com
fuzzing netsec tcp

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

IT Security Manager

@ Timocom GmbH | Erkrath, Germany
View on infosec-jobs.com

Cybersecurity Service Engineer

@ Motorola Solutions | Singapore, Singapore
View on infosec-jobs.com

Sr Cybersecurity Vulnerability Specialist

@ Health Care Service Corporation | Chicago Illinois HQ (300 E. Randolph Street)
View on infosec-jobs.com

Associate, Info Security (SOC) analyst

@ Evolent | Pune
View on infosec-jobs.com

Public Cloud Development Security and Operations (DevSecOps) Manager

@ Danske Bank | Copenhagen K, Denmark
View on infosec-jobs.com

Cybersecurity Risk Analyst IV

@ Computer Task Group, Inc | United States
View on infosec-jobs.com
View more jobs