PT-2018-4377 · Ring · Ring

David Lodge

Published

2018-02-06

Updated

2018-03-13

CVE-2015-4400

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Ring (formerly DoorBot) video doorbells (affected versions not specified)

Description The issue allows remote attackers to obtain sensitive information about the wireless network configuration. This is achieved by pressing the set up button and leveraging an API in the GainSpan Wi-Fi module.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2015-4400

Affected Products

Ring

PT-2018-4377 · Ring · Ring

CVE-2015-4400

Weakness Enumeration

Related Identifiers

Affected Products

References · 4