CVE-2019-12804

Summary

In Hunesion i-oneNet version 3.0.7 ~ 3.0.53 and 4.0.4 ~ 4.0.16, due to the lack of update file integrity checking in the upgrade process, an attacker can craft malicious file and use it as an update.

Affected Software

VendorProductVersion RangeStatus
Hunesioni-oneNet3.0.7~3.0.53affected
Hunesioni-oneNet4.0.4~4.0.16affected

Weaknesses

  • CWE-353: CWE-353 Missing Support for Integrity Check

ADP Enrichment

CVE Program Container

Additional References

References