该漏洞编号已预留给漏洞申报者 CVE-2019-11334

4.3 AV AC AU C I A
发布: 2019-06-11
修订: 2019-06-17

An authentication bypass in website post requests in the Tzumi Electronics Klic Lock application 1.0.9 for mobile devices allows attackers to access resources (that are not otherwise accessible without proper authentication) via capture-replay. Physically proximate attackers can use this information to unlock unauthorized Tzumi Electronics Klic Smart Padlock Model 5686 Firmware 6.2.

0%
暂无可用Exp或PoC
当前有2条受影响产品信息