Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
arduino-TuyaOpen TuyaIoT Out-of-Bounds Memory Read Information Disclosure
Vulnerability Description
arduino-TuyaOpen before version 1.2.1 contains an out-of-bounds memory read vulnerability in the TuyaIoT component. An attacker who hijacks or controls the Tuya cloud service can issue malicious DP event data to victim devices, causing out-of-bounds memory access that may result in information disclosure or a denial-of-service condition.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Vulnerability Type
跨界内存读
Vulnerability Title
arduino-TuyaOpen 缓冲区错误漏洞
Vulnerability Description
arduino-TuyaOpen是Tuya开源的一个基于Arduino的物联网开发框架。 arduino-TuyaOpen 1.2.1之前版本存在缓冲区错误漏洞,该漏洞源于TuyaIoT组件存在越界内存读取,可能导致信息泄露或拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A