CVE-2019-3984

Summary

Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when the device retrieves updates scripts from the internet.

Affected Software

VendorProductVersion RangeStatus
AmazonBlink XT2 Sync Module firmwareprior to 2.13.11affected

Weaknesses

  • Arbitrary Remote Code Execution

ADP Enrichment

CVE Program Container

Additional References

References