Unrated severityNVD Advisory· Published Jan 23, 2024· Updated May 30, 2025

CVE-2023-42143

Description

Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users to create a backdoor by redirecting the device to an attacker-controlled machine which serves the manipulated firmware file. The device is updated with the manipulated firmware.

Affected products

Shelly/TRVdescription
Shelly/TRVllm-fuzzy
Range: 20220811-152343/v2.1.8@5afc928c

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kth.se/cs/nse/research/software-systems-architecture-and-security/projects/ethical-hacking-1.1279219mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000