mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 19:16:22 +00:00
793 B
793 B
CVE-2020-7232
Description
Evoko Home devices 1.31 through 1.37 allow remote attackers to obtain sensitive information (such as usernames and password hashes) via a WebSocket request, as demonstrated by the sockjs/224/uf1psgff/websocket URI at a wss:// URL.
POC
Reference
- https://sku11army.blogspot.com/2020/01/evoko-otra-sala-por-favor.html
- https://sku11army.blogspot.com/2020/01/evoko-otra-sala-por-favor.html
Github
No PoCs found on GitHub currently.