← back
CVE-2020-24396

CVE-2020-24396

EPSS 1.8%
homee Brain Cube v2 (2.28.2 and 2.28.4) devices have sensitive SSH keys within downloadable and unencrypted firmware images. This allows remote attackers to use the support server as a SOCKS proxy.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cwe.mitre.org/data/definitions/522.htmlhttps://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-027.txthttps://www.syss.de/pentest-blog/