Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
logitech vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2018-15722
The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS command injection via the time update request. A remote server or man in the middle can inject OS commands with a properly formatted response.
Logitech Harmony Hub Firmware
7
CVSSv3
CVE-2022-0915
There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Logitech Sync for Windows before 2.4.574. Successful exploitation of these vulnerabilities may escalate the permission to the system user.
Logitech Sync
8.8
CVSSv3
CVE-2022-0916
An issue exists in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations.
Logitech Options
9.8
CVSSv3
CVE-2018-15720
Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server that gave remote users access to the local API.
Logitech Harmony Hub Firmware
NA
CVE-2007-2918
Multiple stack-based buffer overflows in ActiveX controls (1) VibeC in (a) vibecontrol.dll, (2) CallManager and (3) ViewerClient in (b) StarClient.dll, (4) ComLink in (c) uicomlink.dll, and (5) WebCamXMP in (d) wcamxmp.dll in Logitech VideoCall allow remote malicious users to cau...
Logitech Videocall
1 EDB exploit
9.8
CVSSv3
CVE-2018-15721
The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request. Remote attackers can use this vulnerability to gain access to the local API.
Logitech Harmony Hub Firmware
9.8
CVSSv3
CVE-2018-15723
The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request. An unauthenticated remote attacker can leverage this vulnerability to execute application defined commands (e.g. harmony.system?systeminfo).
Logitech Harmony Hub Firmware
7.3
CVSSv3
CVE-2022-36263
StreamLabs Desktop Application 1.9.0 is vulnerable to Incorrect Access Control via obs64.exe. An attacker can execute arbitrary code via a crafted .exe file.
Logitech Streamlabs Desktop 1.9.0
7.8
CVSSv3
CVE-2018-0620
Untrusted search path vulnerability in LOGICOOL Game Software versions prior to 8.87.116 allows an malicious user to gain privileges via a Trojan horse DLL in an unspecified directory.
Logitech Game Software
5.4
CVSSv3
CVE-2017-16568
Cross-site scripting (XSS) vulnerability in Logitech Media Server 7.9.0 allows remote malicious users to inject arbitrary web script or HTML via a radio URL.
Logitech Media Server 7.9.0
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »