CVE-2024-10523 – Information Disclosure Vulnerability in TP-Link IoT Smart Hub
https://notcve.org/view.php?id=CVE-2024-10523
This vulnerability exists in TP-Link IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the Wi-Fi credentials stored on the vulnerable device. • https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0331 • CWE-312: Cleartext Storage of Sensitive Information •
CVE-2024-20124
https://notcve.org/view.php?id=CVE-2024-20124
This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/November-2024 • CWE-125: Out-of-bounds Read •
CVE-2024-20123
https://notcve.org/view.php?id=CVE-2024-20123
This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/November-2024 • CWE-125: Out-of-bounds Read •
CVE-2024-20122
https://notcve.org/view.php?id=CVE-2024-20122
This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/November-2024 • CWE-125: Out-of-bounds Read •
CVE-2024-20117
https://notcve.org/view.php?id=CVE-2024-20117
This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/November-2024 • CWE-125: Out-of-bounds Read •