Vulnerabilities > Sinilink

DATE CVE VULNERABILITY TITLE RISK
2023-01-20 CVE-2022-43704 Authentication Bypass by Capture-replay vulnerability in Sinilink Xy-Wft1 Firmware 1.3.6
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT.
network
high complexity
sinilink CWE-294
5.9