CVE-2021-35067

Published: Oct 7, 2021Modified: Nov 21, 2024

8.1

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Exploitability: 2.8 / Impact: 5.2

Source: NVD

Description

Meross MSG100 devices before 3.2.3 allow an attacker to replay the same data or similar data (e.g., an attacker who sniffs a Close message can transmit an acceptable Open message).

Affected (1)

Products: Meross: Msg100 Firmware

Meross

1 product

Msg100 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Meross Msg100 Firmware	Before 3.2.3

Running on/with	Platform Versions
Meross Msg100	All versions

Related CWEs

CWE-294

Authentication Bypass by Capture-replay

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

References (4)

https://infosec.rm-it.de/2021/06/18/meross-smart-wi-fi-garage-door-opener-analysis/

Source: cve@mitre.org

ExploitThird Party Advisory

https://infosec.rm-it.de/?p=878&preview=1&_ppp=219bc85c2f

Source: cve@mitre.org

ExploitThird Party Advisory

https://infosec.rm-it.de/2021/06/18/meross-smart-wi-fi-garage-door-opener-analysis/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://infosec.rm-it.de/?p=878&preview=1&_ppp=219bc85c2f

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.