CVE-2018-6402

Ecobee Ecobee4 4.2.0.171 devices can be forced to deauthenticate and connect to an unencrypted Wi-Fi network with the same SSID, even if the device settings specify use of encryption such as WPA2, as long as the competing network has a stronger signal. An attacker must be able to set up a nearby SSID, similar to an "Evil Twin" attack.
References
Link Resource
https://garrettmiller.github.io/meross-mss110-vuln/ Exploit Third Party Advisory
Configurations

Configuration 1


Information

Published : 2020-04-14 07:15

Updated : 2020-08-24 05:37


NVD link : CVE-2018-6402

Mitre link : CVE-2018-6402

Products Affected
No products.
CWE