Lack of Update File Integrity Checking in Hunesion i-oneNet Allows for Malicious Update Exploitation
CVE-2019-12804 · MEDIUM Severity
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
In Hunesion i-oneNet version 3.0.7 ~ 3.0.53 and 4.0.4 ~ 4.0.16, due to the lack of update file integrity checking in the upgrade process, an attacker can craft malicious file and use it as an update.
Learn more about our Web Application Penetration Testing UK.