CVE-2025-2189
Information Disclosure Vulnerability in Tinxy Smart Devices
This vulnerability exists in the Tinxy smart devices due to storage of credentials in plaintext within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the plaintext credentials stored on the vulnerable device.
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N
Productos afectados
Mogify Infotech · Tinxy 1 Node 10A and 16A Smart Wi-Fi SwitchesMogify Infotech · Tinxy 2, 4 and 6 Node Smart Wi-Fi SwitchesMogify Infotech · Tinxy Door Lock with Wi-Fi ControllerMogify Infotech · Tinxy Smart 15 Watts 3 in 1 Square Panel Ceiling LightMogify Infotech · Tinxy Smart 8 Watts 3 in 1 Round Panel Ceiling LightMogify Infotech · Tinxy Wi-Fi Lock Controller v1 RF¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →