CVE-2018-11315
Summary
| CVE | CVE-2018-11315 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-05-20 13:29:00 UTC |
| Updated | 2023-11-07 02:51:00 UTC |
| Description | The Local HTTP API in Radio Thermostat CT50 and CT80 1.04.84 and below products allows unauthorized access via a DNS rebinding attack. This can result in remote device temperature control, as demonstrated by a tstat t_heat request that accesses a device purchased in the Spring of 2018, and sets a home's target temperature to 95 degrees Fahrenheit. This vulnerability might be described as an addendum to CVE-2013-4860. |
Risk And Classification
Problem Types: CWE-20
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Radiothermostat | Ct50 | - | All | All | All |
| Hardware | Radiothermostat | Ct50 | - | All | All | All |
| Operating System | Radiothermostat | Ct50 Firmware | All | All | All | All |
| Hardware | Radiothermostat | Ct80 | - | All | All | All |
| Hardware | Radiothermostat | Ct80 | - | All | All | All |
| Operating System | Radiothermostat | Ct80 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Attacking Private Networks from the Internet with DNS Rebinding | medium.com | ||
| Attacking Private Networks from the Internet with DNS Rebinding | MISC | medium.com | |
| GitHub - brannondorsey/radio-thermostat: Radio Thermostat CT50 & CT80 REST API notes | MISC | github.com | Exploit, Third Party Advisory |
| Millions of Google, Roku, and Sonos Devices Are Vulnerable to a Web Attack | WIRED | MISC | www.wired.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.