Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users to create a backdoor by redirecting the device to an attacker-controlled machine which serves the manipulated firmware file. The device is updated with the manipulated firmware.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-01-23T00:00:00

Updated: 2024-08-02T19:16:50.595Z

Reserved: 2023-09-08T00:00:00

Link: CVE-2023-42143

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2024-01-23T20:15:45.097

Modified: 2024-11-21T08:22:21.327

Link: CVE-2023-42143

cve-icon Redhat

No data.