Ring (formerly DoorBot) video doorbells allow remote attackers to obtain sensitive information about the wireless network configuration by pressing the set up button and leveraging an API in the GainSpan Wi-Fi module.
References
Link | Resource |
---|---|
https://blog.fortinet.com/2016/01/22/cve-2015-4400-backdoorbot-network-configuration-leak-on-a-connected-doorbell | Broken Link |
https://fortiguard.com/zeroday/FG-VD-15-021 | Third Party Advisory |
https://www.pentestpartners.com/security-blog/steal-your-wi-fi-key-from-your-doorbell-iot-wtf/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-02-06T16:00:00
Updated: 2018-02-06T15:57:01
Reserved: 2015-06-06T00:00:00
Link: CVE-2015-4400
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-02-06T16:29:00.527
Modified: 2018-03-13T19:13:47.697
Link: CVE-2015-4400
JSON object: View
Redhat Information
No data.
CWE