Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samsung smartthings vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2022-30746
Missing caller check in Smart Things prior to version 1.7.85.12 allows malicious user to access senstive information remotely using javascript interface API.
Samsung Smartthings
2.1
CVSSv2
CVE-2022-30747
PendingIntent hijacking vulnerability in Smart Things before 1.7.85.25 allows local malicious users to access files without permission via implicit Intent.
Samsung Smartthings
4.6
CVSSv2
CVE-2022-30749
Improper access control vulnerability in Smart Things before 1.7.85.25 allows local malicious users to add arbitrary smart devices by bypassing login activity.
Samsung Smartthings
2.1
CVSSv2
CVE-2021-25404
Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows malicious user to access user information via log.
Samsung Smartthings Firmware
5
CVSSv2
CVE-2021-25446
Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause arbitrary webpage loading in webview.
Samsung Smartthings Firmware
5
CVSSv2
CVE-2021-25447
Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause local file inclusion in webview.
Samsung Smartthings Firmware
6.4
CVSSv2
CVE-2018-3918
An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs ...
Samsung Sth-eth-250 Firmware 0.20.17
5
CVSSv2
CVE-2018-3911
An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated message to SmartThings' remote servers, which insecurel...
Samsung Sth-eth-250 Firmware 0.20.17
9
CVSSv2
CVE-2018-3856
An exploitable vulnerability exists in the smart cameras RTSP configuration of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The device incorrectly handles spaces in the URL field, leading to an arbitrary operating system command injection. An attacker can s...
Samsung Sth-eth-250 Firmware 0.20.17
9
CVSSv2
CVE-2018-3876
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 64 bytes. An attacker can send an arb...
Samsung Sth-eth-250 Firmware 0.20.17
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »