Vulnerabilities > CVE-2019-15312 - Unspecified vulnerability in Linkplay
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is a Zolo Halo DNS rebinding attack. The device was found to be vulnerable to DNS rebinding. Combined with one of the many /httpapi.asp endpoint command-execution security issues, the DNS rebinding attack could allow an attacker to compromise the victim device from the Internet.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 |
References
- https://labs.f-secure.com/advisories/linkplay-firmware-wanlan-remote-code-execution/
- https://labs.f-secure.com/advisories/linkplay-firmware-wanlan-remote-code-execution/
- https://labs.mwrinfosecurity.com/advisories/
- https://labs.mwrinfosecurity.com/advisories/
- https://linkplay.com/featured-products/
- https://linkplay.com/featured-products/