CVE-2024-46040

Oct. 7, 2024, 5:47 p.m.

Tags

cve@mitre.org
2024-10-07
CVE-2024-46040

Product(s) Impacted

IoT Haat Smart Plug IH-IN-16A-S

  • v5.16.1

Description

IoT Haat Smart Plug IH-IN-16A-S IH-IN-16A-S v5.16.1 suffers from Insufficient Session Expiration. The lack of validation of the authentication token at the IoT Haat during the Access Point Pairing mode leads the attacker to replay the Wi-Fi packets and forcefully turn off the access point after the authentication token has expired.

Weaknesses

Date

Published: Oct. 7, 2024, 4:15 p.m.

Last Modified: Oct. 7, 2024, 5:47 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://github.com/Anonymous120386/Anonymous
cve@mitre.org
https://www.iothaat.com/
cve@mitre.org