Skip to content

Instantly share code, notes, and snippets.

@stevenliuturing
Created October 11, 2023 21:31
Show Gist options
  • Save stevenliuturing/306bb689737cec5d3a5760c34d65932c to your computer and use it in GitHub Desktop.
Save stevenliuturing/306bb689737cec5d3a5760c34d65932c to your computer and use it in GitHub Desktop.
CVE-2023-42425 Details

Description

An issue in Turing Video Turing Edge+ EVC5FD v.1.38.6 allows remote attacker to execute arbitrary code and obtain sensitive information via the cloud connection components.

Vulnerability Type

Missing SSL Certificate Validation

Vendor of Product

Turing Video

Affected Product Code Base

Turing Edge+ EVC5FD - Firmware version: 1.38.6

Attack Type

Remote

Impact Information Disclosure

True

Has vendor confirmed or acknowledged the vulnerability?

True

Discoverer

IPVM

Workaround

Firware version 1.40.1 onwards includes fix for this vulnerability.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment