mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
1004 B
1004 B
CVE-2019-5035
Description
An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002. A set of specially crafted weave packets can brute force a pairing code, resulting in greater Weave access and potentially full device control. An attacker can send specially crafted packets to trigger this vulnerability.
POC
Reference
- https://talosintelligence.com/vulnerability_reports/TALOS-2019-0798
- https://talosintelligence.com/vulnerability_reports/TALOS-2019-0798
Github
No PoCs found on GitHub currently.