Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The OTA firmware update mechanism in Netun Solutions HelpFlash IoT (firmware v18_178_221102_ASCII_PRO_1R5_50) uses hard-coded WiFi credentials identical across all devices and does not authenticate update servers or validate firmware signatures. An attacker with brief physical access can activate OTA mode (8-second button press), create a malicious WiFi AP using the known credentials, and serve malicious firmware via unauthenticated HTTP to achieve arbitrary code execution on this safety-critical emergency signaling device.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Netun Solutions HelpFlash IoT 安全漏洞
Vulnerability Description
Netun Solutions HelpFlash IoT是西班牙Netun Solutions公司的一款智能联网车辆紧急警示灯。 Netun Solutions HelpFlash IoT v18_178_221102_ASCII_PRO_1R5_50版本存在安全漏洞,该漏洞源于OTA固件更新机制使用硬编码WiFi凭证且未验证更新服务器或固件签名,可能导致执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A