Skip to main content
CVE-2018-11567 LOW POC Monitor

Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Session Fixation Information Disclosure Echo Show Firmware Echo Plus Firmware Echo Dot Firmware +2
NVD
CVSS 3.0
3.3
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy