High severity8.1NVD Advisory· Published Feb 9, 2018· Updated Jun 17, 2026
CVE-2018-6827
CVE-2018-6827
Description
VOBOT CLOCK before 0.99.30 devices do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information, and consequently execute arbitrary code, via a crafted certificate, as demonstrated by leveraging a hardcoded --no-check-certificate Wget option.
Affected products
1Patches
Vulnerability mechanics
References
1- stacksmashing.net/CVE-2018-6827.htmlnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.