Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Lack of Transport Encryption in the public API in Philips Hue Bridge BSB002 SW 1707040932 allows remote attackers to read API keys (and consequently bypass the pushlink protection mechanism, and obtain complete control of the connected accessories) by leveraging the ability to sniff HTTP traffic on the local intranet network.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Philips Hue Bridge BSB002 public API 安全漏洞
Vulnerability Description
Philips Hue Bridge BSB002是荷兰飞利浦(Philips)公司的一套智能家庭照明系统。public API是其中的一个公共接口。 使用1707040932版本固件的Philips Hue Bridge BSB002中的public API存在安全漏洞,该漏洞程序没有对传输进行加密。远程攻击者可利用该漏洞读取API密钥,绕过pushlink保护机制并完全控制连接的配件。
CVSS Information
N/A
Vulnerability Type
N/A