Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows (1) remote attackers to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port 49451 or (2) remote authenticated users to execute arbitrary Lua code via a RunLua action in a request to port_49451/upnp/control/hag.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MiCasaVerde VeraLite 授权问题漏洞
Vulnerability Description
Mi Casa Verde VeraLite是中国香港Mi Casa Verde公司的一套家用网关控制器设备。该设备可通过电脑或手机,对家庭Wi-Fi网络所连接的家电进行控制。 使用1.5.408版本固件的MiCasaVerde VeraLite中的HomeAutomationGateway服务存在授权问题漏洞。远程攻击者可通过RunLua操作利用该漏洞执行任意Lua代码。
CVSS Information
N/A
Vulnerability Type
N/A