In ZGR TPS200 NG 2.00 firmware version and 1.01 hardware version, the firmware upload process does not perform any type of restriction. This allows an attacker to modify it and re-upload it via web with malicious modifications, rendering the device unusable.
Credits
Discovered by the Industrial Cybersecurity team of S21sec, special mention to Aar�n Flecha Men�ndez.
