MidnightBSD

Advisories for chuango

CVE-2019-11561 MEDIUM

The Chuango 433 MHz burglar-alarm product line is vulnerable to a Denial of Service attack. When the condition is triggered, the OV2 base station is unable to process sensor states and effectively prevents the alarm from setting off, as demonstrated by Chuango branded products, and non-Chuango branded products such as the Eminent EM8617 OV2 Wifi Alarm System.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
chuango g5w_firmware *
chuango awv_plus_firmware *
chuango b11_firmware *
chuango g5_plus_firmware *
chuango a11_firmware *
chuango h4_plus_firmware *
chuango g3_firmware *
chuango g5w_3g_firmware *
chuango cg-105s_firmware *
chuango a8_firmware *
CVE-2019-9659 MEDIUM

The Chuango 433 MHz burglar-alarm product line uses static codes in the RF remote control, allowing an attacker to arm, disarm, or trigger the alarm remotely via replay attacks, as demonstrated by Chuango branded products, and non-Chuango branded products such as the Eminent EM8617 OV2 Wifi Alarm System.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-294,

Products Affected

Vendor Product Version
chuango a11_pstn/lcd/rfid_touch_alarm_system_firmware -
chuango awv_plus_wifi_alarm_system_firmware -
chuango a8_pstn_alarm_system_firmware -
chuango cg-105s_on-site_alarm_system_firmware -
chuango wifi_alarm_system_firmware -
chuango g3_gsm/sms_alarm_system_firmware -
chuango b11_dual-network_alarm_system_firmware -
chuango wifi/cellular_smart_home_system_h4_plus_firmware -
eminent em8617_ov2_wifi_alarm_system_firmware -
chuango g5_plus_gsm/sms/rfid_touch_alarm_system_firmware -
chuango g5w_3g_firmware -