Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
smarthome vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-14114
information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by malicious users to leak sensitive information.
Mi Smarthome
8.3
CVSSv2
CVE-2019-11063
A broken access control vulnerability in SmartHome app (Android versions up to 3.0.42_190515, ios versions up to 2.0.22) allows an attacker in the same local area network to list user accounts and control IoT devices that connect with its gateway (HG100) via http://[target]/smart...
Asus Smarthome
1 Github repository
10
CVSSv2
CVE-2021-26638
Improper Authentication vulnerability in S&D smarthome(smartcare) application can cause authentication bypass and information exposure. Remote attackers can use this vulerability to take control of the home environment including indoor control.
Xisnd S\\&d Smarthome
5
CVSSv2
CVE-2017-2704
Smarthome 1.0.2.364 and previous versions versions,HiAPP 7.3.0.303 and previous versions versions,HwParentControl 2.0.0 and previous versions versions,HwParentControlParent 5.1.0.12 and previous versions versions,Crowdtest 1.5.3 and previous versions versions,HiWallet 8.0.0.301 a...
Huawei Smarthome
Huawei Hiapp
Huawei Hwparentcontrol
Huawei Hwparentcontrolparent
Huawei Crowdtest
Huawei Hiwallet
Huawei Huawei Pay
Huawei Skytone
Huawei Hwclouddrive\\(emui6.0\\)
Huawei Hwphonefinder\\(emui6.0\\)
Huawei Hwphonefinder\\(emui5.1\\)
Huawei Hicinema
Huawei Huaweiwear
Huawei Hihealthapp
7.5
CVSSv2
CVE-2020-9550
Rubetek SmartHome 2020 devices use unencrypted 433 MHz communication between controllers and beacons, allowing an malicious user to sniff and spoof beacon requests remotely.
Rubetek Smarthome Firmware 2020
4.8
CVSSv2
CVE-2019-11061
A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker in the same local area network to control IoT devices that connect with itself via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confide...
Asus Hg100 Firmware
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started