Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code execution without user interaction. An attacker could retrieve the AWS key from the firmware and obtain full control over Linkplay's AWS estate, including S3 buckets containing device firmware. When combined with an OS command injection vulnerability within the XML Parsing logic of the firmware update process, an attacker would be able to gain code execution on any device that attempted to update. Note that by default all devices tested had automatic updates enabled.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linkplay firmware 安全漏洞
Vulnerability Description
Linkplay firmware是一个应用软件。提供一个交钥匙解决方案,包括软件、语音、Wi-Fi、蓝牙物联网/瘦客户端模块、领先的语音助手服务(如Amazon Alexa和许多流行的国际语音助手服务)以及集成到一个中央移动应用程序中的全球流内容,以实现智能、语音启用和物联网产品。 Linkplay firmware中存在安全漏洞。攻击者可利用该漏洞执行代码。
CVSS Information
N/A
Vulnerability Type
N/A