Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered on certain Nuki Home Solutions devices. The HTTP API exposed by a Bridge used an unencrypted channel to provide an administrative interface. A token can be easily eavesdropped by a malicious actor to impersonate a legitimate user and gain access to the full set of API endpoints. This affects Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Nuki Bridge 安全漏洞
Vulnerability Description
Nuki Bridge是Nuki公司的一个智能锁控制软件。 Nuki Bridge v1.22.0之前的v1.x版本和v2.13.2之前的v2.x版本、Nuki Keypad v1.9.2之前版本存在安全漏洞,该漏洞源于公开的HTTP API使用未加密的通道来提供管理接口。
CVSS Information
N/A
Vulnerability Type
N/A