Security Advisory – eWeLink 2.4G remote control light bulbs Remote Code Execution Vulnerability
Title Release Date 2023/11/07 Abstract The connection modules of some Bluetooth 2.4G remote-control devices contain a vulnerability that allows bypassing of authentication. Successfully exploiting this vulnerability may allow attackers to access restricted functionalities. Affected Product BLREAD-L Affected Version BLREAD-L 1.2.1 Impact Attackers can exploit this vulnerability to access certain restricted functionalities. Technical Details Exploitation Preconditions: …