CVE-2024-11147 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

ECOVACS robot lawnmowers and vacuums use a deterministic root password generated based on model and serial number. An attacker with shell access can login as ro…
High CVSS: 7.0

CVE-2024-11147

ECOVACS robot lawnmowers and vacuums use a deterministic root password generated based on model and serial number. An attacker with shell access can login as root.
Vendor
Ecovacs
Product
Deebot 900 Firmware
CWE
CWE-798
Yayın Tarihi
2025-01-23 17:15:12
Güncelleme
2025-09-23 17:44:13
Source Identifier
9119a7d8-5eab-497f-8521-727c672e3725
KEV Date Added
-

Kategoriler

CWE-798 Deebot 900 Firmware HIGH Ecovacs 2025

Referanslar

https://builder.dontvacuum.me/ecopassword.php https://dontvacuum.me/talks/37c3-2023/37c3-vacuuming-and-mowing.pdf https://dontvacuum.me/talks/HITCON2024/HITCON-CMT-2024_Ecovacs.pdf