MidnightBSD

Advisories for hetronic

CVE-2018-19023 MEDIUM

Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent "stop" state.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-294,CWE-287,

Products Affected

Vendor Product Version
hetronic mlc_firmware *
hetronic dc_mobile_firmware *
hetronic nova-m_firmware *
hetronic bms-hl_firmware *
hetronic es-can-hl_firmware *