Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Default and unremovable support credentials (user:lutron password:integration) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWorks QS Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not being a vulnerability because what can be done through the ports revolve around controlling lighting, not code execution. A certain set of commands are listed, which bear some similarity to code, but they are not arbitrary and do not allow admin-level control of a machine
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Lutron radioRA2、stanza和HomeworkQS 信任管理问题漏洞
Vulnerability Description
Lutron Electronics radioRA2等都是美国路创电子(Lutron Electronics)公司的一套照明控制系统。 Lutron radioRA2、stanza和HomeworkQS中存在信任管理问题漏洞,该漏洞源于程序带有不可移除的默认凭证(用户:lutron,密码:integration)。攻击者可利用该漏洞以超级用户身份控制IoT设备。
CVSS Information
N/A
Vulnerability Type
N/A