📦 Winston Firmware
by Winstonprivacy
🔍 What is Winston Firmware?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
Winston 1.5.4 privacy devices have a hidden SSH user account accessible from bastion hosts, allowing unauthorized remote access. This undocumented backdoor affects Winston Privacy device users running...
Winston 1.5.4 devices have a misconfigured Cross-Origin Resource Sharing (CORS) policy that accepts requests from any origin, allowing attackers to make cross-origin requests and potentially access se...
CVE-2020-16257 is a command injection vulnerability in Winston Privacy devices version 1.5.4 that allows attackers to execute arbitrary commands via the API. This affects Winston Privacy hardware devi...