Vulnerabilities > Evoko

DATE CVE VULNERABILITY TITLE RISK
2020-01-19 CVE-2020-7232 Unspecified vulnerability in Evoko Home 1.31
Evoko Home devices 1.31 through 1.37 allow remote attackers to obtain sensitive information (such as usernames and password hashes) via a WebSocket request, as demonstrated by the sockjs/224/uf1psgff/websocket URI at a wss:// URL.
network
low complexity
evoko
5.0
2020-01-19 CVE-2020-7231 Information Exposure Through an Error Message vulnerability in Evoko Home 1.31
Evoko Home 1.31 devices provide different error messages for failed login requests depending on whether the username is valid.
network
low complexity
evoko CWE-209
5.0