High severity7.5NVD Advisory· Published Jan 19, 2020· Updated Jun 17, 2026
CVE-2020-7232
CVE-2020-7232
Description
Evoko Home devices 1.31 through 1.37 allow remote attackers to obtain sensitive information (such as usernames and password hashes) via a WebSocket request, as demonstrated by the sockjs/224/uf1psgff/websocket URI at a wss:// URL.
Affected products
2- Evoko/Homedescription
Patches
Vulnerability mechanics
References
1- sku11army.blogspot.com/2020/01/evoko-otra-sala-por-favor.htmlnvdExploitPermissions RequiredThird Party Advisory
News mentions
0No linked articles in our index yet.