CVE-2019-15312
N/A
N/A
Summary
An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is a Zolo Halo DNS rebinding attack. The device was found to be vulnerable to DNS rebinding. Combined with one of the many /httpapi.asp endpoint command-execution security issues, the DNS rebinding attack could allow an attacker to compromise the victim device from the Internet.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://labs.mwrinfosecurity.com/advisories/
- https://linkplay.com/featured-products/
- https://labs.f-secure.com/advisories/linkplay-firmware-wanlan-remote-code-execution/
References
- https://labs.mwrinfosecurity.com/advisories/
- https://linkplay.com/featured-products/
- https://labs.f-secure.com/advisories/linkplay-firmware-wanlan-remote-code-execution/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.