Sengled Dimmer Switch V0.0.9 contains a denial of service (DOS) vulnerability, which allows a remote attacker to send malicious Zigbee messages to a vulnerable device and cause crashes. After receiving the malicious command, the device will keep reporting its status and finally drain its battery after receiving the Set_short_poll_interval command.
Name | Vendor | Start Version | End Version |
---|---|---|---|
E1e-g7f_firmware | Sengled | 0.0.9 (including) | 0.0.9 (including) |