CVE-2019-15745
HIGHEques elf Smart Plug Firmware - Unauthenticated Device Control via Hardcoded AES Key
Title source: llmDescription
The Eques elf smart plug and the mobile app use a hardcoded AES 256 bit key to encrypt the commands and responses between the device and the app. The communication happens over UDP port 27431. An attacker on the local network can use the same key to encrypt and send commands to discover all smart plugs in a network, take over control of a device, and perform actions such as turning it on and off.
References (5)
Core 5
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.ckn.io/blog/2019/08/27/exploiting-the-eques-elf-smart-plug-part-one/
Exploit, Third Party Advisory x_refsource_misc
https://www.ckn.io/blog/2019/08/27/exploiting-the-eques-elf-smart-plug-part-two/
Exploit, Third Party Advisory x_refsource_misc
https://www.ckn.io/blog/2019/08/27/exploiting-the-eques-elf-smart-plug-part-three/
Exploit, Third Party Advisory x_refsource_misc
https://www.ckn.io/blog/2019/08/27/exploiting-the-eques-elf-smart-plug-part-four/
Exploit, Third Party Advisory x_refsource_misc
https://github.com/iamckn/eques
Scores
CVSS v3
8.8
EPSS
0.0138
EPSS Percentile
68.5%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-798
Status
published
Products (1)
equeshome/elf_smart_plug_firmware
Published
Aug 29, 2019
Tracked Since
Feb 18, 2026