Vulnerability in Ewelink Zigbee Bridge Pro
CVE-2024-7206
SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS communication and Extract secrets to clone the device via Flash the modified firmware
Vulnerability class: Improper Certificate Validation
EPSS: 0.002 (13.4th percentile) — read the EPSS interpretation.
Affected products
- Ewelink Zigbee Bridge Pro — versions 0