Vulnerabilities > CVE-2023-36160 - Unspecified vulnerability in Quboworld Smart Plug 10A Firmware Hsp02010114System10A

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

quboworld

NVD

Published: 2023-09-16

Updated: 2024-11-21

Summary

An issue was discovered in Qubo Smart Plug10A version HSP02_01_01_14_SYSTEM-10 A, allows local attackers to gain sensitive information and other unspecified impact via UART console.

Vulnerable Configurations

Part	Description	Count
OS	Quboworld Quboworld Smart Plug 10A Firmware Hsp02_01_01_14_System-10_A	1
Hardware	Quboworld Quboworld Smart Plug 10A -	1

References

https://github.com/Yashodhanvivek/Qubo_smart_switch_security_assessment/blob/main/Qubo_Smart_Plug_10A_Security_Assessment.pdf
https://github.com/Yashodhanvivek/Qubo_smart_switch_security_assessment/blob/main/Qubo_Smart_Plug_10A_Security_Assessment.pdf