Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
samsung smartthings vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-39870
Improper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows malicious users to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast.
Samsung Smartthings
7.5
CVSSv3
CVE-2022-39871
Improper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows malicious users to access sensitive information via implicit broadcasts.
Samsung Smartthings
9.8
CVSSv3
CVE-2021-25508
Improper privilege management vulnerability in API Key used in SmartThings before 1.7.73.22 allows an malicious user to abuse the API key without limitation.
Samsung Smartthings
3.3
CVSSv3
CVE-2021-25404
Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows malicious user to access user information via log.
Samsung Smartthings Firmware
5.3
CVSSv3
CVE-2021-25446
Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause arbitrary webpage loading in webview.
Samsung Smartthings Firmware
5.3
CVSSv3
CVE-2021-25447
Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause local file inclusion in webview.
Samsung Smartthings Firmware
7.5
CVSSv3
CVE-2018-3918
An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs ...
Samsung Sth-eth-250 Firmware 0.20.17
8.6
CVSSv3
CVE-2018-3911
An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated message to SmartThings' remote servers, which insecurel...
Samsung Sth-eth-250 Firmware 0.20.17
9.9
CVSSv3
CVE-2018-3856
An exploitable vulnerability exists in the smart cameras RTSP configuration of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The device incorrectly handles spaces in the URL field, leading to an arbitrary operating system command injection. An attacker can s...
Samsung Sth-eth-250 Firmware 0.20.17
9.9
CVSSv3
CVE-2018-3873
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 128 bytes. An attacker can send an ar...
Samsung Sth-eth-250 Firmware 0.20.17
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »