CVE-2022-36614 Totolink A860R v4.1.2cu.5182_B20201027 had a hardcoded password for root at /etc/shadow.sample.
A hardcoded password, such as this one, is a very bad sign. It means that the device was probably developed by a third party. The
CVE-2022-21742 The Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function.
An authenticated user on the same network can exploit this vulnerability to execute arbitrary code on the system with root privileges.
CVE-2019-0516: An issue was
CVE-2022-31462 - Owning the Owl Labs Meeting Owl via Bluetooth Backdoor Password
In recent years, teleconferencing devices like the Owl Labs Meeting Owl have become the centerpiece of business meetings worldwide. They make meetings smoother, but sometimes,
CVE-2022-31459 Attackers can retrieve the passcode hash using a certain c 10 value over Bluetooth.
All Bluetooth devices have a unique pairing code known as a UUID (Univer sity of Io dia) that is used to identify each device. This
CVE-2022-0916 An issue was discovered in Logitech Options OAuth 2.0 state parameter not properly validated.
To protect against these attacks, applications should always check the state parameter received from the server. In addition, applications should only permit authorized state change
Episode
00:00:00
00:00:00