Contec Health CMS8000

The CMS8000 device does not properly control or sanitize the SSID name of a new Wi-Fi access point. A threat actor could create an SSID with a malicious name, including non-standard characters that, when the device attempts connecting to the malicious SSID, the device can be exploited to write arbitrary files or display incorrect information.

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

访问控制不恰当

Contec Health CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor 访问控制错误漏洞

Contec Health CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor是Contec Health公司的一款生命体征病人监护仪。 Contec Health CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor存在访问控制错误漏洞，该漏洞源于其无法正常控制或清理新的Wi-Fi接入点的SSID名称。攻击者可以创建带有恶意名称的SSID（包括非标准字符），当设备试图连接到恶意SSID时，可以利用该设备编写

N/A

N/A