CVE-2021-35067

Description

Meross MSG100 devices before 3.2.3 allow an attacker to replay the same data or similar data (e.g., an attacker who sniffs a Close message can transmit an acceptable Open message).

Related CPE's

o meross msg100_firmware ********

h meross msg100 -*******

References

https://infosec.rm-it.de/?p=878&preview=1&_ppp=219bc85c2f

ExploitThird Party Advisory

https://infosec.rm-it.de/2021/06/18/meross-smart-wi-fi-garage-door-opener-analysis/

ExploitThird Party Advisory

CvssV3 impact

BaseSeverity	HIGH
ConfidentialityImpact	HIGH
AttackComplexity	LOW
Scope	UNCHANGED
AttackVector	NETWORK
AvailabilityImpact	NONE
IntegrityImpact	HIGH
PrivilegesRequired	LOW
BaseScore	8.1
VectorString	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Version	3.1
UserInteraction	NONE

CvssV2 impact

AccessComplexity	LOW
ConfidentialityImpact	PARTIAL
AvailabilityImpact	NONE
IntegrityImpact	PARTIAL
BaseScore	5.5
VectorString	AV:N/AC:L/Au:S/C:P/I:P/A:N
Version	2.0
AccessVector	NETWORK
Authentication	SINGLE

Created by Yello

About Severity.io