Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ECOVACS HOME mobile app plugins do not properly validate TLS certificates
Vulnerability Description
ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic and obtain authentication tokens.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
证书验证不恰当
Vulnerability Title
ECOVACS HOME mobile app plugins 信任管理问题漏洞
Vulnerability Description
ECOVACS HOME mobile app plugins是中国科沃斯(ECOVACS)公司的一个移动应用插件。 ECOVACS HOME mobile app plugins存在安全漏洞,该漏洞源于移动应用插件未正确验证 TLS 证书。未经身份验证的攻击者可以读取或修改 TLS 流量并获取身份验证令牌。
CVSS Information
N/A
Vulnerability Type
N/A