{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T04:43:43.117","vulnerabilities":[{"cve":{"id":"CVE-2024-46040","sourceIdentifier":"cve@mitre.org","published":"2024-10-07T16:15:05.407","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"IoT Haat Smart Plug IH-IN-16A-S IH-IN-16A-S v5.16.1 suffers from Insufficient Session Expiration. The lack of validation of the authentication token at the IoT Haat during the Access Point Pairing mode leads the attacker to replay the Wi-Fi packets and forcefully turn off the access point after the authentication token has expired."},{"lang":"es","value":"IoT Haat Smart Plug IH-IN-16A-S IH-IN-16A-S v5.16.1 sufre un vencimiento de sesión insuficiente. La falta de validación del token de autenticación en IoT Haat durante el modo de emparejamiento del punto de acceso hace que el atacante repita los paquetes de Wi-Fi y apague a la fuerza el punto de acceso después de que el token de autenticación haya vencido."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-613"}]}],"references":[{"url":"https://github.com/Anonymous120386/Anonymous","source":"cve@mitre.org"},{"url":"https://www.iothaat.com/","source":"cve@mitre.org"}]}}]}