Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samsung smartthings vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-25378
Improper access control of certain port in SmartThings prior to version 1.7.63.6 allows remote temporary denial of service.
Samsung Smartthings
5
CVSSv2
CVE-2022-30746
Missing caller check in Smart Things prior to version 1.7.85.12 allows malicious user to access senstive information remotely using javascript interface API.
Samsung Smartthings
4.6
CVSSv2
CVE-2022-30749
Improper access control vulnerability in Smart Things before 1.7.85.25 allows local malicious users to add arbitrary smart devices by bypassing login activity.
Samsung Smartthings
NA
CVE-2022-39869
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows malicious users to access sensitive information via REMOVE_PERSISTENT_BANNER broadcast.
Samsung Smartthings
2.1
CVSSv2
CVE-2022-30747
PendingIntent hijacking vulnerability in Smart Things before 1.7.85.25 allows local malicious users to access files without permission via implicit Intent.
Samsung Smartthings
NA
CVE-2022-39864
Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows malicious users to access sensitive information via implicit intent.
Samsung Smartthings
NA
CVE-2022-39865
Improper access control vulnerability in ContentsSharingActivity.java SmartThings prior to version 1.7.89.0 allows malicious users to access sensitive information via implicit broadcast.
Samsung Smartthings
NA
CVE-2022-39866
Improper access control vulnerability in RegisteredEventMediator.kt SmartThings prior to version 1.7.89.0 allows malicious users to access sensitive information via implicit broadcast.
Samsung Smartthings
NA
CVE-2022-39867
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows malicious users to access sensitive information via SHOW_PERSISTENT_BANNER broadcast.
Samsung Smartthings
NA
CVE-2022-39868
Improper access control vulnerability in GedSamsungAccount.kt SmartThings prior to version 1.7.89.0 allows malicious users to access sensitive information via implicit broadcast.
Samsung Smartthings
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »