CVE-2019-12505

HIGH Year: 2019
CVSS v3 Score
8.8
High
CVSS v2 Score
8.3
High
Weakness Type
CWE-306
View all →

Vulnerability Description

Due to unencrypted and unauthenticated data communication, the wireless presenter Inateck WP1001 v1.3C is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim's computer system, e.g., to install malware when the target system is unattended. In this way, an attacker can remotely take control over the victim's computer that is operated with an affected receiver of this device.

Related Vulnerabilities

CVE-2016-6541

HIGH
CVSS:8.8(High)

TrackR Bravo device allows unauthenticated pairing, which enables unauthenticated connected applications to write to various device attributes. Updated apps, version 5.1.6 for iOS and 2.2.5 for Androi...

CWE-3062016

CVE-2016-7830

HIGH
CVSS:8.8(High)

Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on...

CWE-3062016

CVE-2017-10854

HIGH
CVSS:8.8(High)

Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to bypass authentication and change the login password via unspecified vectors.

CWE-3062017

CVE-2018-0521

HIGH
CVSS:8.8(High)

Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.

CWE-3062018

CVE-2018-0554

HIGH
CVSS:8.8(High)

Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.

CWE-3062018

CVE-2018-11476

HIGH
CVSS:8.8(High)

An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an unprotected wireless LAN that cannot be configured with encryption or a password. This enables anyone within the ...

CWE-3062018