Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users to create a backdoor by redirecting the device to an attacker-controlled machine which serves the manipulated firmware file. The device is updated with the manipulated firmware.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-01-23T00:00:00
Updated: 2024-08-02T19:16:50.595Z
Reserved: 2023-09-08T00:00:00
Link: CVE-2023-42143
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-01-23T20:15:45.097
Modified: 2024-11-21T08:22:21.327
Link: CVE-2023-42143
Redhat
No data.