Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2018-11315

CVE information

Published

4 years ago

Last Modified

4 years ago

CVSSv2.0 Severity

Low

CVSSv3.1 Severity

Medium

Impact Analysis

Description

The Local HTTP API in Radio Thermostat CT50 and CT80 1.04.84 and below products allows unauthorized access via a DNS rebinding attack. This can result in remote device temperature control, as demonstrated by a tstat t_heat request that accesses a device purchased in the Spring of 2018, and sets a home's target temperature to 95 degrees Fahrenheit. This vulnerability might be described as an addendum to CVE-2013-4860..

CVSSv2.0 Score

Severity
Low
Base Score
3.3/10
Exploit Score
6.5/10
Access Vector
Adjacent_network
Access Complexity
Low
Authentication Required
None
Impact Score
2.9/10
Confidentiality Impact
None
Availability Impact
None
Integrity Impact
Partial

CVSSv3.1 Score

Severity
Medium
Base Score
6.5/10
Exploit Score
2.8/10
Access Vector
Adjacent_network
Access Complexity
Low
Privileges Required
None
Impact Score
3.6/10
Confidentiality Impact
None
Availability Impact
None
Integrity Impact
High
Scope
Unchanged
User Interaction
None

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:o:radiothermostat:ct50_firmware:*:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:h:radiothermostat:ct50:-:*:*:*:*:*:*:*
  No
-
cpe:2.3:o:radiothermostat:ct80_firmware:*:*:*:*:*:*:*:*
  Yes
-
cpe:2.3:h:radiothermostat:ct80:-:*:*:*:*:*:*:*
  No
-