MidnightBSD

Advisories for mydigoo

CVE-2023-31762

Weak security in the transmitter of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to gain full access to the system via a code replay attack.

Products Affected

Vendor Product Version
mydigoo dg-hamb_firmware 1.0
CVE-2023-39842

Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 2.4 LOW CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 0.9 1.4

Products Affected

Vendor Product Version
mydigoo dg-hamb_smart_home_security_system_firmware 1.0