PT-2019-14799 · Petwant+1 · Petwant Pf-103+1

Published

2019-12-13

Updated

2020-08-24

CVE-2019-16731

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Petwant PF-103 firmware version 4.22.2.42 Petalk AI version 3.2.2.30

Description The issue allows remote attackers to initiate firmware upgrades and alter device settings through the udpServerSys service.

Recommendations For Petwant PF-103 firmware version 4.22.2.42, consider restricting access to the udpServerSys service until a patch is available. For Petalk AI version 3.2.2.30, restrict access to the udpServerSys service to minimize the risk of exploitation.

Exploit

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2019-16731

Affected Products

Petalk Ai

Petwant Pf-103

PT-2019-14799 · Petwant+1 · Petwant Pf-103+1

CVE-2019-16731

Weakness Enumeration

Related Identifiers

Affected Products

References · 3