First published: Wed Dec 11 2019(Updated: )
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the ssid parameter.
Credit: vulnreport@tenable.com
Affected Software | Affected Version | How to fix |
---|---|---|
Amazon Blink Xt2 Sync Module Firmware | <2.13.11 | |
Amazon Blink Xt2 Sync Module |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for the Blink XT2 Sync Module firmware vulnerability is CVE-2019-3985.
CVE-2019-3985 has a severity rating of 8.8 (High).
CVE-2019-3985 allows remote attackers to execute arbitrary commands on the Blink XT2 Sync Module firmware due to improperly sanitized input when configuring the devices wifi configuration via the ssid parameter.
The affected software for CVE-2019-3985 is the Blink XT2 Sync Module firmware prior to version 2.13.11.
To fix the CVE-2019-3985 vulnerability, it is recommended to update the Blink XT2 Sync Module firmware to version 2.13.11 or later.