https://github.com/brannondorsey/cve
A collection of vulnerabilities found through independent security research.
- Host: GitHub
- URL: https://github.com/brannondorsey/cve
- Owner: brannondorsey
- Created: 2018-06-19T04:27:04.000Z (about 8 years ago)
- Default Branch: master
- Last Pushed: 2018-07-11T16:41:27.000Z (almost 8 years ago)
- Last Synced: 2025-11-29T17:26:43.076Z (7 months ago)
- Topics: cve, disclosure, security
- Size: 1000 Bytes
- Stars: 10
- Watchers: 1
- Forks: 1
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# Public CVEs
A collection of vulnerabilities found through independent security research. For thoughts on disclosure policy, see [this post](https://medium.com/@brannondorsey/going-public-fast-thoughts-on-disclosure-policy-2d10ebc1f70d).
- [**CVE-2018-11314**](https://nvd.nist.gov/vuln/detail/CVE-2018-11314): The External Control API in versions of Roku OS before 8.1 allows unauthorized access via a DNS rebinding attack. This can result in remote device control and in privileged device and network information being exfiltrated by an attacker.
- [**CVE-2018-11315**](https://nvd.nist.gov/vuln/detail/CVE-2018-11315): The Local HTTP API in Radio Thermostat CT50 and CT80 1.04.84 and below products allows unauthorized access via a DNS rebinding attack. This can result in remote device temperature control, as demonstrated by a tstat t_heat request that accesses a device purchased in the Spring of 2018, and sets a home's target temperature to 95 degrees Fahrenheit. This vulnerability might be described as an addendum to [CVE-2013-4860](https://nvd.nist.gov/vuln/detail/CVE-2013-4860).
- [**CVE-2018-11316**](https://nvd.nist.gov/vuln/detail/CVE-2018-11316): The UPnP HTTP server on Sonos device versions 8.6 and below allows unauthorized access via a DNS rebinding attack. This can result in remote device control and in privileged device and network information being exfiltrated by an attacker.
- [**CVE-2018-12716**](https://nvd.nist.gov/vuln/detail/CVE-2018-12716): The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its local network, extracting the scan_results bssid fields, and sending these fields in a geolocation/v1/geolocate Google Maps Geolocation API request. *Note: This vulnerability was discovered independently by several security researchers including Craig Young from Tripwire, Brannon Dorsey, [Gunes Acar et al.](https://freedom-to-tinker.com/2018/06/21/fast-web-based-attacks-to-discover-and-control-iot-devices/), and others.*