Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samsung smartthings vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-39870
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows malicious users to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast.
Samsung Smartthings
NA
CVE-2022-39871
Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows malicious users to access sensitive information via implicit broadcasts.
Samsung Smartthings
7.5
CVSSv2
CVE-2021-25508
Improper privilege management vulnerability in API Key used in SmartThings before 1.7.73.22 allows an malicious user to abuse the API key without limitation.
Samsung Smartthings
2.1
CVSSv2
CVE-2021-25404
Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows malicious user to access user information via log.
Samsung Smartthings Firmware
5
CVSSv2
CVE-2021-25446
Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause arbitrary webpage loading in webview.
Samsung Smartthings Firmware
5
CVSSv2
CVE-2021-25447
Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause local file inclusion in webview.
Samsung Smartthings Firmware
6.4
CVSSv2
CVE-2018-3918
An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs ...
Samsung Sth-eth-250 Firmware 0.20.17
5
CVSSv2
CVE-2018-3911
An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated message to SmartThings' remote servers, which insecurel...
Samsung Sth-eth-250 Firmware 0.20.17
9
CVSSv2
CVE-2018-3856
An exploitable vulnerability exists in the smart cameras RTSP configuration of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The device incorrectly handles spaces in the URL field, leading to an arbitrary operating system command injection. An attacker can s...
Samsung Sth-eth-250 Firmware 0.20.17
9
CVSSv2
CVE-2018-3873
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 128 bytes. An attacker can send an ar...
Samsung Sth-eth-250 Firmware 0.20.17
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »