Vulnerability in Ewelink Zigbee Bridge Pro

CVE-2024-7206

SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS communication and Extract secrets to clone the device via Flash the modified firmware

Vulnerability class: Improper Certificate Validation

EPSS: 0.002 (13.4th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References