From this webpage screenshot, the following key vulnerability information can be obtained:

1. Product and Version:
- Product: com.ledvance.smartplus.eu
- Version: 2.1.10

2. Vulnerability Type:
- Incorrect Access Control

3. Severity:
- High

4. Description:
- The com.ledvance.smartplus.eu application, developed by LEDVANCE, contains an incorrect access control vulnerability in its firmware update process. The application downloads firmware updates via HTTPS requests. Reverse engineering the application reveals the firmware download mechanism and the download links. Dynamic testing showed that the vendor's firmware server does not enforce access controls on those links, so the firmware is exposed to anyone who knows the URL.

5. Reproduction Steps:
1. By examining the , , , and methods in the class, and the string value in , the URLs and other information needed for the HTTP requests can be obtained.
2. Sending the URL request to the firmware server returns a direct response containing the latest firmware information.
3. With this information, the unprotected firmware can be downloaded directly.

6. Impact:
- Attackers can exploit this vulnerability to:
- Download the latest firmware before its official release.
- Analyze the firmware to discover vulnerabilities or proprietary information.
- Create modified firmware images containing malicious code.
- Distribute infected firmware updates to unsuspecting users.

7. Remediation:
- Implement proper access controls on the firmware server, such as device ID and user ID verification.
- Harden the application's firmware update mechanism by including authentication credentials in the requests.

8. Disclaimer:
- This vulnerability report is for informational purposes only and should not be used for any malicious activities. The author is not responsible for any misuse of the information contained in this report.
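The remediation above asks the firmware server to bind each download to a device ID and user ID and to require credentials in the request. The following is an added illustration of that server-side check, not code from LEDVANCE or from the affected application; the secret, catalog, device-owner table and token format are all constructed assumptions. The weak lookup shows the pattern the advisory describes (any client that knows the URL gets the latest firmware metadata); the hardened lookup only answers when the request carries a fresh, server-issued MAC over the device ID, user ID and expiry, and when that device is actually registered to that user.

```python
import hashlib
import hmac
import time
from typing import Optional

# Constructed sample data for the example; none of these are real LEDVANCE values.
SERVER_SECRET = b"example-server-secret-rotate-me"
FIRMWARE_CATALOG = {
    "plug-v2": {"version": "9.9.9-example", "url": "https://firmware.example.invalid/plug-v2.bin"},
}
# Which user each device is registered to (hypothetical registry).
DEVICE_OWNERS = {"dev-0001": "user-alice", "dev-0002": "user-bob"}


def weak_firmware_lookup(model: str) -> Optional[dict]:
    """The pattern the advisory describes: no caller identity is checked at all,
    so anyone who learns the endpoint receives the latest firmware metadata."""
    return FIRMWARE_CATALOG.get(model)


def issue_token(device_id: str, user_id: str, ttl_seconds: int = 300,
                now: Optional[float] = None) -> str:
    """Server-side token issued after the app has authenticated the user.
    Format (assumed for this example): '<expiry>.<hex HMAC-SHA256>'."""
    exp = int((now if now is not None else time.time()) + ttl_seconds)
    msg = f"{device_id}|{user_id}|{exp}".encode()
    mac = hmac.new(SERVER_SECRET, msg, hashlib.sha256).hexdigest()
    return f"{exp}.{mac}"


def hardened_firmware_lookup(model: str, device_id: str, user_id: str,
                             token: str, now: Optional[float] = None) -> Optional[dict]:
    """Serve firmware metadata only if:
      1. the token parses and has not expired,
      2. the MAC matches (device_id, user_id, expiry) under the server secret,
      3. the device is registered to the claiming user.
    Any failure returns None (the endpoint would answer 401/403)."""
    try:
        exp_str, mac = token.split(".", 1)
        exp = int(exp_str)
    except (ValueError, AttributeError):
        return None
    if (now if now is not None else time.time()) > exp:
        return None
    expected = hmac.new(SERVER_SECRET,
                        f"{device_id}|{user_id}|{exp}".encode(),
                        hashlib.sha256).hexdigest()
    # Constant-time comparison so MAC checking does not leak timing information.
    if not hmac.compare_digest(expected, mac):
        return None
    # Device/user binding: a valid token for one device must not unlock another.
    if DEVICE_OWNERS.get(device_id) != user_id:
        return None
    return FIRMWARE_CATALOG.get(model)


if __name__ == "__main__":
    print("weak:", weak_firmware_lookup("plug-v2"))
    tok = issue_token("dev-0001", "user-alice")
    print("hardened, valid:", hardened_firmware_lookup("plug-v2", "dev-0001", "user-alice", tok))
    print("hardened, no token:", hardened_firmware_lookup("plug-v2", "dev-0001", "user-alice", ""))
```

The important design point is the third check: a token proves the caller authenticated, but on its own it does not prove the caller owns the device being updated, which is why the advisory's remediation names both device ID and user ID verification.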