iagox86,

Am I crazy, or are these the same vulnerability? The CVE is from 2023, and the exploit is from 2020, and in a different product:

https://nvd.nist.gov/vuln/detail/CVE-2023-33617
https://www.exploit-db.com/exploits/48225

gsuberland,
@gsuberland@chaos.social avatar

@iagox86 both relatively small-time network appliance vendors, so they're almost certainly using outsourced turnkey firmware platforms.

gsuberland,
@gsuberland@chaos.social avatar

@iagox86 in fact if you look up pictures of the two affected devices, you can see that they're the same board but just with a different enclosure.

with a bit of digging, looks like they're both rebadged Smart XLink products, which are the OEM branch of a Chinese vendor called HDV-TECH.

https://www.smart-xlink.com/products.html

gsuberland,
@gsuberland@chaos.social avatar

@iagox86 here's HDV-TECH's website.

https://hdv-tech.com/

  • All
  • Subscribed
  • Moderated
  • Favorites
  • Cybersecurity
  • DreamBathrooms
  • ngwrru68w68
  • tester
  • magazineikmin
  • thenastyranch
  • rosin
  • khanakhh
  • InstantRegret
  • Youngstown
  • slotface
  • Durango
  • kavyap
  • mdbf
  • tacticalgear
  • JUstTest
  • osvaldo12
  • normalnudes
  • cubers
  • cisconetworking
  • everett
  • GTA5RPClips
  • ethstaker
  • Leos
  • provamag3
  • anitta
  • modclub
  • megavids
  • lostlight
  • All magazines
    •