Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In IoTivity through 1.3.1, the CoAP server interface can be used for Distributed Denial of Service attacks using source IP address spoofing and UDP-based traffic amplification. The reflected traffic is 6 times bigger than spoofed requests. This occurs because the construction of a "4.01 Unauthorized" response is mishandled. NOTE: the vendor states "While this is an interesting attack, there is no plan for maintainer to fix, as we are migrating to IoTivity Lite."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IoTivity 输入验证错误漏洞
Vulnerability Description
IoTivity是一个支持设备与设备互联的物联网框架。 IoTivity 1.3.1及之前版本中存在输入验证漏洞。攻击者可利用该漏洞造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A