CVE-2018-9162

Contec Smart Home 4.15 devices do not require authentication for new_user.php, edit_user.php, delete_user.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors.
References
Link Resource
https://www.exploit-db.com/exploits/44295/ Exploit Third Party Advisory
Configurations

Configuration 1


Information

Published : 2018-03-31 10:29

Updated : 2018-05-15 12:52


NVD link : CVE-2018-9162

Mitre link : CVE-2018-9162

Products Affected
No products.
CWE